Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Analyze mode should support same (or similar) features as regular pipeline. #3520

Open
AlonZivony opened this issue Sep 28, 2023 · 1 comment · May be fixed by #3673
Open

Analyze mode should support same (or similar) features as regular pipeline. #3520

AlonZivony opened this issue Sep 28, 2023 · 1 comment · May be fixed by #3673
Assignees
@AlonZivony
Labels
area/rules kind/feature
Milestone
v0.22.0

Comments

@AlonZivony
Copy link
Collaborator

AlonZivony commented Sep 28, 2023
edited by rafaeldtinoco

The current analyze mode is a replacement of the previous tracee-rules binary but misses many new features developed since then.

It needs to support at least a few things, such as:

  • access to process tree information through data sources
  • access to container enrichment info through data sources

For the data source to be available to the analyze mode, some steps being taken during the pipe line stages will have to be disabled (like realtime procfs access) and the data source might have to be serialized in a way it can be consumed later (for example).
@AlonZivony AlonZivony added this to the v0.20.0 milestone Sep 28, 2023
@AlonZivony
Copy link
Collaborator Author

Example of a use case - #3498 (comment)

@rafaeldtinoco rafaeldtinoco self-assigned this Oct 10, 2023
@rafaeldtinoco rafaeldtinoco modified the milestones: v0.20.0, v0.19.0 Oct 10, 2023
@rafaeldtinoco rafaeldtinoco changed the title Change analyze mode to use the normal pipeline Analyze mode should support same (or similar) features as regular pipeline. Oct 10, 2023
@itaysk itaysk modified the milestones: v0.19.0, v0.20.0 Oct 17, 2023
@AlonZivony AlonZivony linked a pull request Nov 5, 2023 that will close this issue
Open
@yanivagman yanivagman modified the milestones: v0.20.0, v0.21.0 Feb 6, 2024
@yanivagman yanivagman modified the milestones: v0.21.0, v0.22.0 Apr 16, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@AlonZivony AlonZivony

Labels
area/rules kind/feature
Projects
None yet
Milestone
v0.22.0
Development

Successfully merging a pull request may close this issue.

Refactor/full analyze mode AlonZivony/tracee
4 participants
@itaysk @rafaeldtinoco @yanivagman @AlonZivony