feat(docs): update docs for structured config file
This also changes the default config file to be a structured YAML file
and adds a new example config file 'global_config_cli.yaml' that uses
the CLI format.
geyslan committed Oct 25, 2023
1 parent 00826b9 commit 9faf728
Showing 4 changed files with 157 additions and 52 deletions.
14 changes: 8 additions & 6 deletions docs/docs/config/kubernetes.md
@@ -17,20 +17,22 @@ metadata:
data:
config.yaml: |-
cache:
- cache-type=mem
- mem-cache-size=512
type: mem
size: 512
perf-buffer-size: 1024
containers: true
healthz: false
metrics: true
pprof: false
pyroscope: false
listen-addr: :3366
log:
- info
level: info
output:
- json
- option:parse-arguments
options:
parse-arguments: true
json:
files:
- stdout
```

## Customizing
14 changes: 12 additions & 2 deletions docs/docs/config/overview.md
@@ -31,6 +31,15 @@ log:
- aggregate
```
Or in a structured format:
```yaml
log:
level: debug
aggregate:
enabled: true
```
## Reserved Flags
There are a few flags that are reserved for the CLI and cannot be set through the configuration file. These include:
@@ -40,8 +49,9 @@ There are a few flags that are reserved for the CLI and cannot be set through th

To help you get started with configuring Tracee using the `--config` flag, we've provided two example configuration files in the `examples/config` directory of the Tracee repository:

- `examples/config/global_config.json`: This file contains an example configuration in JSON format.
- `examples/config/global_config.yaml`: This file contains the same example configuration as global_config.json, but in YAML format.
- `examples/config/global_config.yaml`: This file contains an example configuration in YAML format.
- `examples/config/global_config_cli.yaml`: This file contains the same example configuration as global_config.yaml, but using cli flags (not structured).
- `examples/config/global_config.json`: This file contains the same example configuration as global_config_cli.yaml, but in JSON format.

These example files demonstrate how you can set various configuration options using the `--config` flag. You can use these files as a starting point for your own configuration, or as a reference for the available configuration options.

160 changes: 116 additions & 44 deletions examples/config/global_config.yaml
@@ -1,64 +1,136 @@
blob-perf-buffer-size: 1024
cache:
# - none # cache-type={none,mem}
- cache-type=none
# - mem-cache-size=556
# cache:
# type: mem
# size: 256
type: none
# size: 1024

proctree:
# - source=events
source: events
cache:
process: 8192
thread: 4096
source: none
# cache:
# process: 8192
# thread: 4096

capabilities:
# - bypass=false
# - add=cap_kill,cap_syslog
bypass: true
add:
- cap_sys_admin
- cap_syslog
drop:
- cap_chown
bypass: false
# add:
# - cap_sys_admin
# - cap_syslog
# drop:
# - cap_chown

containers: false
crs:
- containerd:/var/run/containerd/containerd.sock
- docker:/var/run/docker.sock
- runtime:
name: containerd
socket: /var/run/containerd/containerd.sock
- runtime:
name: docker
socket: /var/run/docker.sock

# - runtime:
# name: containerd
# socket: /var/run/containerd/containerd.sock
# - runtime:
# name: docker
# socket: /var/run/docker.sock

healthz: false
install-path: /tmp/tracee
listen-addr: :3366
log:
- info
level: info
# file: "/path/to/log/file.log"
# aggregate:
# enabled: true
# flush-interval: "5s"
# filters:
# libbpf: false
# in:
# msg:
# - SampleMessage1
# - SampleMessage2
# pkg:
# - package1
# - package2
# file:
# - file1.go
# - file2.go
# level:
# - warn
# - error
# regex:
# - ^pattern1
# - ^pattern2
# out:
# msg:
# - ExcludedMessage1
# pkg:
# - excludedPackage
# file:
# - excludedFile.go
# level:
# - debug
# regex:
# - ^excludedPattern

metrics: false
output:
- json
# - webhook:HTTP://localhost:8080?timeout=5s
# output-structured:
# - webhook:
# name: webhook1
# host: http://localhost
# port: 8000
# timeout: 5s
# - webhook:
# name: webhook2
# host: http://localhost
# port: 9000
# timeout: 5s
json:
files:
- stdout

# table:
# files:
# - /path/to/table1.out
# - /path/to/table2.out

# table-verbose:
# files:
# - stdout

# gob:
# files:
# - /path/to/gob1.out

# gotemplate:
# template: /path/to/my_template1.tmpl
# files:
# - /path/to/output1.out
# - /path/to/output2.out

# forward:
# - forward1:
# protocol: tcp
# user: user
# password: pass
# host: 127.0.0.1
# port: 24224
# tag: tracee1
# - forward2:
# protocol: udp
# user: user
# password: pass
# host: 127.0.0.1
# port: 24225
# tag: tracee2

# webhook:
# - webhook1:
# protocol: http
# host: localhost
# port: 8000
# timeout: 5s
# - webhook2:
# protocol: http
# host: localhost
# port: 9000
# timeout: 3s

# options:
# none: false
# stack-addresses: true
# exec-env: false
# relative-time: true
# exec-hash: false
# parse-arguments: true
# sort-events: false

perf-buffer-size: 1024
pprof: false
pyroscope: false
rego:
# - partial-eval
- aio
# partial-eval: true
# aio: true
signatures-dir: ""
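Review bot: The commented `forward` examples under `output` carry `user: user` and `password: pass` inline, and the `webhook` examples use `protocol: http`, so a user who uncomments and fills them in ends up with collector credentials in a plain-text file and events sent without transport encryption. Since the docs present this file as a starting point for real configurations, I would add a comment above `forward`, e.g. `# placeholder credentials: keep real values out of version control and restrict read access to this file`, and one above `webhook`, e.g. `# http is unencrypted; use only towards a local or otherwise trusted endpoint`. The rendered page has lost the +/- markers, so I am assuming both blocks are on the new side of the change.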
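--- a/examples/config/global_config_cli.yaml
+++ b/examples/config/global_config_cli.yaml
@@ -0,0 +1,21 @@
+blob-perf-buffer-size: 1024
+cache:
+- none
+proctree:
+- none
+capabilities: []
+containers: false
+crs: []
+healthz: false
+install-path: /tmp/tracee
+listen-addr: :3366
+log:
+- info
+metrics: false
+output:
+- json
+perf-buffer-size: 1024
+pprof: false
+pyroscope: false
+rego: []
+signatures-dir: ""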
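Review bot: `install-path: /tmp/tracee` in this new example points at a fixed directory under world-writable `/tmp`; if this is where Tracee places files that it later loads while running privileged, another local user could create that path first. A comment on that line would help, e.g. `# example only: prefer a root-owned directory that other users cannot write to`. The file also has no header saying it is the CLI-flag form of `global_config.yaml`; a first line such as `# Same settings as global_config.yaml, expressed as CLI flag values` would make that clear to someone opening it on its own.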
