Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adding logs on tracers and fixed init order #405

Merged
merged 1 commit into from
Nov 10, 2024
Merged

Adding logs on tracers and fixed init order #405

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
30 changes: 21 additions & 9 deletions pkg/containerwatcher/v1/container_watcher_private.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -201,23 +201,21 @@ func (ch *IGContainerWatcher) startTracers() error {
logger.L().Error("error starting seccomp tracing", helpers.Error(err))
return err
}
// Start capabilities tracer
if err := ch.startCapabilitiesTracing(); err != nil {
logger.L().Error("error starting capabilities tracing", helpers.Error(err))
return err
}
logger.L().Info("Started syscall tracing")
}
if ch.cfg.EnableRelevancy || ch.cfg.EnableApplicationProfile {
// Start exec tracer
if err := ch.startExecTracing(); err != nil {
logger.L().Error("error starting exec tracing", helpers.Error(err))
return err
}
logger.L().Info("Started exec tracing")
// Start open tracer
if err := ch.startOpenTracing(); err != nil {
logger.L().Error("error starting open tracing", helpers.Error(err))
return err
}
logger.L().Info("Started open tracing")
}

if ch.cfg.EnableNetworkTracing {
Expand All @@ -237,20 +235,29 @@ func (ch *IGContainerWatcher) startTracers() error {
// not failing on dns tracing error
logger.L().Error("error starting dns tracing", helpers.Error(err))
}
logger.L().Info("Started dns tracing")

if err := ch.startNetworkTracing(); err != nil {
logger.L().Error("error starting network tracing", helpers.Error(err))
return err
}
logger.L().Info("Started network tracing")
}

if ch.cfg.EnableRuntimeDetection {
// Start capabilities tracer
if err := ch.startCapabilitiesTracing(); err != nil {
logger.L().Error("error starting capabilities tracing", helpers.Error(err))
return err
}
logger.L().Info("Started capabilities tracing")
// The randomx tracing is only supported on amd64 architecture.
if runtime.GOARCH == "amd64" {
if err := ch.startRandomxTracing(); err != nil {
logger.L().Error("error starting randomx tracing", helpers.Error(err))
return err
}
logger.L().Info("Started randomx tracing")
} else {
logger.L().Warning("randomx tracing is not supported on this architecture", helpers.String("architecture", runtime.GOARCH))
}
Expand All @@ -259,46 +266,51 @@ func (ch *IGContainerWatcher) startTracers() error {
logger.L().Error("error starting symlink tracing", helpers.Error(err))
return err
}
logger.L().Info("Started symlink tracing")

if err := ch.startHardlinkTracing(); err != nil {
logger.L().Error("error starting hardlink tracing", helpers.Error(err))
return err
}
logger.L().Info("Started hardlink tracing")

// NOTE: SSH tracing relies on the network tracer, so it must be started after the network tracer.
if err := ch.startSshTracing(); err != nil {
logger.L().Error("error starting ssh tracing", helpers.Error(err))
return err
}
logger.L().Info("Started ssh tracing")

if err := ch.startPtraceTracing(); err != nil {
logger.L().Error("error starting ptrace tracing", helpers.Error(err))
return err
}
logger.L().Info("Started ptrace tracing")

// Start third party tracers
for tracer := range ch.thirdPartyTracers.Iter() {
if err := tracer.Start(); err != nil {
logger.L().Error("error starting custom tracer", helpers.String("tracer", tracer.Name()), helpers.Error(err))
return err
}
logger.L().Info("Started custom tracer", helpers.String("tracer", tracer.Name()))
}
}

if ch.cfg.EnableHttpDetection {
logger.L().Debug("starting http tracing")
if err := ch.startHttpTracing(); err != nil {
logger.L().Error("error starting http tracing", helpers.Error(err))
return err
}
logger.L().Info("Started http tracing")
}

return nil
}

func (ch *IGContainerWatcher) stopTracers() error {
var errs error
if ch.cfg.EnableApplicationProfile {
if ch.cfg.EnableApplicationProfile || ch.cfg.EnableRuntimeDetection {
// Stop capabilities tracer
if err := ch.stopCapabilitiesTracing(); err != nil {
logger.L().Error("error stopping capabilities tracing", helpers.Error(err))
Expand All @@ -310,7 +322,7 @@ func (ch *IGContainerWatcher) stopTracers() error {
errs = errors.Join(errs, err)
}
}
if ch.cfg.EnableRelevancy || ch.cfg.EnableApplicationProfile {
if ch.cfg.EnableRelevancy || ch.cfg.EnableApplicationProfile || ch.cfg.EnableRuntimeDetection {
// Stop exec tracer
if err := ch.stopExecTracing(); err != nil {
logger.L().Error("error stopping exec tracing", helpers.Error(err))
Expand All @@ -323,7 +335,7 @@ func (ch *IGContainerWatcher) stopTracers() error {
}
}

if ch.cfg.EnableNetworkTracing {
if ch.cfg.EnableNetworkTracing || ch.cfg.EnableRuntimeDetection {
// Stop network tracer
if err := ch.stopNetworkTracing(); err != nil {
logger.L().Error("error stopping network tracing", helpers.Error(err))
Expand Down
Loading