-
Notifications
You must be signed in to change notification settings - Fork 83
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
vote: Add AKS audit logs plugin #551
Conversation
118f1c6
to
345e7bd
Compare
Rules files suggestions |
Rules files suggestions |
Rules files suggestions |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Overall, SGTM!
I've just left a few minor comments (see below).
Thanks!
Rules files suggestions |
2 similar comments
Rules files suggestions |
Rules files suggestions |
Hey @IgorEulalio Since this is a maintainer addition, as per our governance, we will go with a quick majority vote among @falcosecurity/plugins-maintainers. This process will take no more than one week. Meanwhile, we are already reviewing the code. You may expect some delay, considering the upcoming holidays, but I want to let you know that we are on it :) Thanks |
Rules files suggestions |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
+1
+1 from me too! |
Signed-off-by: Francesco Pirrò <francesco.pirro@sysdig.com> update(plugins/gcpaudit): bump plugin version to 0.5.0 Signed-off-by: Francesco Pirrò <francesco.pirro@sysdig.com> chore(plugins/gcpaudit): update changelogs with v0.5.0 changes Signed-off-by: Francesco Pirrò <francesco.pirro@sysdig.com> add initial plugin structure Signed-off-by: Igor Eulalio <igor.eulalio@sysdig.com> add processor function, refactor workflow to leverage channels Signed-off-by: Igor Eulalio <igor.eulalio@sysdig.com> refactoring main function to handle Process in underlying package, introducing channels Signed-off-by: Igor Eulalio <igor.eulalio@sysdig.com> add makefile Signed-off-by: Igor Eulalio <igor.eulalio@sysdig.com> update regisry + readme for k8saudit-aks Signed-off-by: Thomas Labarussias <issif+github@gadz.org> add owners Signed-off-by: Thomas Labarussias <issif+github@gadz.org> fix Open method arg Signed-off-by: Thomas Labarussias <issif+github@gadz.org> refactor code to handle the channel logic, add Makefile helpers, add new rule Signed-off-by: Igor Eulalio <igor.eulalio@sysdig.com> add logs using proper plugin, finish configuration Signed-off-by: Igor Eulalio <igor.eulalio@sysdig.com> feat: add .envrc to gitignore Signed-off-by: Igor Eulalio <igor.eulalio@sysdig.com> feat: add .envrc to gitignore Signed-off-by: Igor Eulalio <igor.eulalio@sysdig.com>
…ure proper resource shutdown for partitionClient Signed-off-by: Igor Eulalio <igor.eulalio@sysdig.com>
Signed-off-by: Igor Eulalio <igor.eulalio@sysdig.com>
Signed-off-by: Igor Eulalio <igor.eulalio@sysdig.com>
…fix typo on README Signed-off-by: Igor Eulalio <igor.eulalio@sysdig.com>
Signed-off-by: Igor Eulalio <igor.eulalio@sysdig.com>
…dd plugin max event size configuration Signed-off-by: Igor Eulalio <igor.eulalio@sysdig.com>
Signed-off-by: Igor Eulalio <igor.eulalio@sysdig.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
+1!
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: IgorEulalio, LucaGuerra The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
LGTM label has been added. Git tree hash: d40038fac876264d033b7f52f576e3128b63701b
|
What this PR does / why we need it:
That PR aims to add support for ingesting Azure AKS audit logs plugins and stream them to k8s_audit plugin.
Fixes #243
Fixes #368