Skip to content

Commit

Permalink
Change log action Allow to Audit if its audit mode
Browse files Browse the repository at this point in the history 
This commit changes log action Allow to Audit and Block to Audit (Block) if its audit mode.

Fixes: kubearmor#213

Signed-off-by: Ayush Dwivedi <ayush.dwivedi@accuknox.com>
  • Loading branch information
@oneiro-naut
oneiro-naut committed Jul 28, 2021
1 parent 490bb56 commit 2fa8868
Showing 1 changed file with 8 additions and 0 deletions.
8 changes: 8 additions & 0 deletions KubeArmor/feeder/policyMatcher.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -908,6 +908,14 @@ func (fd *Feeder) UpdateMatchedPolicy(log tp.Log) tp.Log {
return log
}
} else if log.Type == "MatchedPolicy" {
if log.PolicyEnabled == tp.KubeArmorPolicyAudited {
if log.Action == "Allow" {
log.Action = "Audit"
} else if log.Action == "Block" {
log.Action = "Audit (Block)"
}
}

if log.Action == "Allow" && log.Result == "Passed" {
// use 'AllowWithAudit' to get the logs for allowed operations
return tp.Log{}
Expand Down

0 comments on commit 2fa8868

Please sign in to comment.