cilium
Export Environment Variables in a Process's Context when an event is captured
Is there an existing issue for this?
- [X] I have searched the existing issues
Is your feature request related to a problem?
I want to enhance monitoring for a process captured by Tetragon by looking at the environment variables available to the captured process.
Describe the feature you would like
To further enhance observability within a process's context, this feature will allow specified environment variables to be exported alongside other metadata when an event is captured. Such that, when specifying a Tetragon event, you can specify which environment variables you want to export when a Tetragon event is captured. For example:
kprobes:
- call: <some_call_here>
env: ["ENV1", "ENV2"]
would yield the following entry in the json logs:
{
"env": {
"ENV1": "<some_string_value_here>",
"ENV2: "<some_string_value_here>"
}
}
Describe your proposed solution
No response
Code of Conduct
- [X] I agree to follow this project's Code of Conduct
@joshuajorel Do you have plans to add this feature in the future? It seems like it could be useful for detecting the use of "LD_PRELOAD"
Any update on getting this feature, we have information we want to pull from the env variables and can't seem to do that right now.
Any update on getting this feature, we have information we want to pull from the env variables and can't seem to do that right now.
The main work on this was https://github.com/cilium/tetragon/pull/3797 and it seems the author took a break after working on this in August.
