Skip to content
This repository has been archived by the owner on Nov 19, 2021. It is now read-only.

v0.1.3
Compare
Choose a tag to compare
@ycamper ycamper released this 29 Jan 17:08
· 6 commits to main since this release
v0.1.3
64cf876
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

image

  • Moved the bindata generated Assets api for public (non-lib-internal) use.
  • event.Trace->Argv is now a call.Function instead of a naked interface{}
  • Added call.Function.Arguments() accessor method.
  • Moved cmd/loadBPFargs helper function into cmd/loader.go
  • Removed event.TraceEvent.WithTopology (now covered by WithContainerLookup
  • event.TraceEvent.WithContainerLookup is now used as a callback for resolving
    pid-namespace->container info.
  • Added kernel.Probe.DetectAndSetOffsets() helpers for auto-discovering proper struct
    member offsets using the running kernel.
  • kernel.Probe.InitProbe() now has optional configuration options
    • WithOffsetDetection() - struct task_struct member offset detection
    • WithDefaultFilter() - sets up default kernel filters for the BPF
  • Moved hub.Hub under the Topology API (pkg/topology)
  • Moved hub.Job under the Topology API (pkg/topology)
  • the Hub API no longer uses its own hub.Observer, this is derived from the
    Observer it was created with.
  • A metric load of documentation additions along with some pretty verbose
    examples. Check them out here: https://github.com/criticalstack/swoll/tree/v0.1.3/examples
Assets 6
Loading