tetragon
new: log-file option
Description
Adding a log-file option to broadcast logs to both stderr (or stdout) and the log file, if set.
By default, unset.
Leverages io.MultiWriter.
Note: the new log-file does not support rotation.
Changelog
new: log-file option
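A minimal sketch of the fan-out the description refers to, added here as an example and not taken from the PR or from Tetragon's code. It uses the standard library's `log/slog`; `newLogger`, `openLogFile`, `demo` and the file name are hypothetical. It also shows one general way two sinks can diverge: a logger built before the file sink is attached never writes to it.

```go
package main

import (
	"bytes"
	"io"
	"log/slog"
	"os"
)

// newLogger (hypothetical helper) logs to console and, if logFile is a
// non-nil interface value, to logFile as well.
func newLogger(console, logFile io.Writer) *slog.Logger {
	w := console
	if logFile != nil {
		// MultiWriter writes to its sinks in order and stops at the first
		// error, so a failing file never silences the console listed first.
		w = io.MultiWriter(console, logFile)
	}
	return slog.New(slog.NewTextHandler(w, nil))
}

// openLogFile appends to path, creating it owner-only (0600). No rotation.
func openLogFile(path string) (*os.File, error) {
	return os.OpenFile(path, os.O_CREATE|os.O_WRONLY|os.O_APPEND, 0o600)
}

// demo uses constructed in-memory sinks and returns what each received.
func demo() (console, file string) {
	var c, f bytes.Buffer
	early := newLogger(&c, nil) // built before the file sink exists
	late := newLogger(&c, &f)   // built once --log-file is known
	early.Info("Starting")
	late.Info("Listening for events...")
	return c.String(), f.String()
}

func main() {
	f, err := openLogFile("example.log") // constructed file name
	if err != nil {
		slog.Error("open log file", "err", err)
		os.Exit(1)
	}
	defer f.Close()
	newLogger(os.Stderr, f).Info("written to stderr and example.log")
}
```

Because the file is opened in append mode with no rotation, it grows without bound and needs external management (for example logrotate with `copytruncate`).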
Deploy Preview for tetragon ready!
| Name | Link |
|---|---|
| Latest commit | d60e81d56e9a40adf50d3fb5ba0c829c83f5ff0f |
| Latest deploy log | https://app.netlify.com/projects/tetragon/deploys/6925b088c5c8e50008e84f1e |
| Deploy Preview | https://deploy-preview-4378--tetragon.netlify.app |
I just tried that and I'm getting a difference between the --log-file xxx output and the console output from the tetragon binary (+ lines below), not sure why..
+level=info msg="Starting tetragon" version=v1.7.0-pre.0-169-gbc46e25ef3b4
+level=info msg="config settings" config="map[bpf-dir:tetragon bpf-lib:./bpf/objs/ btf: cgroup-rate: cluster-name: config-dir: cpuprofile: cri-endpoint: data-cache-size:1024 debug:false disable-kprobe-multi:false enable-ancestors:[] enable-cgidmap:false enable-cgidmap-debug:false enable-cgtrackerid:true enable-compatibility-syscall64-size-type:false enable-cri:false enable-export-aggregation:false enable-k8s-api:false enable-msg-handling-latency:false enable-pid-set-filter:false enable-pod-annotations:false enable-pod-info:false enable-policy-filter:false enable-policy-filter-cgroup-map:false enable-policy-filter-debug:false enable-process-cred:false enable-process-ns:false enable-tracing-policy-crd:true event-cache-retries:15 event-cache-retry-delay:2 event-queue-size:10000 execve-map-entries:0 execve-map-size: export-aggregation-buffer-size:10000 export-aggregation-window-size:15s export-allowlist: export-denylist: export-file-compress:false export-file-max-backups:5 export-file-max-size-mb:10 export-file-perm:600 export-file-rotation-interval:0s export-filename: export-rate-limit:-1 expose-stack-addresses:false field-filters: force-large-progs:false force-small-progs:false generate-docs:false gops-address: health-server-address::6789 health-server-interval:10 k8s-controlplane-retry:1 k8s-kubeconfig-path: keep-sensors-on-exit:false kernel: log-file:krava.log log-format:text log-level:info memprofile: metrics-label-filter:namespace,workload,pod,binary metrics-server: netns-dir:/var/run/docker/netns/ pprof-address: process-cache-gc-interval:30s process-cache-size:65536 procfs:/proc/ rb-queue-size:65535 rb-size:0 rb-size-total:0 redaction-filters: release-pinned-bpf:true retprobes-cache-size:4096 server-address:localhost:54321 tracing-policy: tracing-policy-dir:/etc/tetragon/tetragon.tp.d use-perf-ring-buffer:false username-metadata:disabled verbose:0]"
level=info msg="Tetragon current security context" SELinux=unconfined AppArmor=unconfined Smack="" Lockdown=none
+level=info msg="Tetragon pid file creation succeeded" pid=145149 pidfile=/var/run/tetragon/tetragon.pid
+level=info msg="BPF: successfully released pinned BPF programs and maps" bpf-dir=/sys/fs/bpf/tetragon
level=info msg="BTF discovery: default kernel btf file found" btf-file=/sys/kernel/btf/vmlinux
+level=info msg="BPF detected features: override_return: true, buildid: true, kprobe_multi: true, uprobe_multi: true, fmodret: true, fmodret_syscall: true, signal: true, large: true, link_pin: true, lsm: false, missed_stats_kprobe_multi: true, missed_stats_kprobe: true, batch_update: true, uprobe_refctroff: true, audit_loginuid: true, probe_write_user: true, uprobe_regs_change: false"
level=info msg="Cgroup mode detection succeeded" cgroup.fs=/sys/fs/cgroup cgroup.mode="Unified mode (Cgroupv2)"
level=info msg="Cgroupv2 supported controllers detected successfully" cgroup.fs=/sys/fs/cgroup cgroup.path=/proc/1/root/sys/fs/cgroup cgroup.controllers="[cpuset cpu io memory hugetlb pids rdma misc dmem]" cgroup.hierarchyID=0
level=info msg="Cgroupv2 supported controllers detected successfully" cgroup.fs=/sys/fs/cgroup cgroup.path=/sys/fs/cgroup/user.slice/user-1000.slice/session-434.scope cgroup.controllers="[cpu memory pids]" cgroup.hierarchyID=0
level=info msg="Cgroupv2 hierarchy validated successfully" cgroup.fs=/sys/fs/cgroup cgroup.path=/sys/fs/cgroup/user.slice/user-1000.slice/session-434.scope
level=info msg="Deployment mode detection succeeded" cgroup.fs=/sys/fs/cgroup deployment.mode="systemd user session"
+level=info msg="Updated TetragonConf map successfully" confmap-update=tg_conf_map deployment.mode="systemd user session" log.level=0 cgroup.fs.magic=Cgroupv2 cgroup.hierarchyID=0 NSPID=145149
+level=info msg="Disabling Kubernetes API"
+level=info msg="Configured redaction filters" redactionFilters=""
level=info msg="Exit probe on acct_process"
level=info msg="Set execve_map entries 32768" size=28M
level=info msg="BPF ring buffer size (bytes)" total=512K
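Review bot: The `+` lines in this hunk are not limited to the first startup messages: "Tetragon pid file creation succeeded" and "Updated TetragonConf map successfully" sit between lines that both outputs share, so attaching the file writer after the first log calls cannot be the whole explanation. The "config settings" line already shows log-file:krava.log, so it would help to state which of the two outputs carries the `+` lines and to check whether every logger used during startup writes through the same io.MultiWriter.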
@@ -17,12 +25,15 @@ level=info msg="Registered sensors (poli
level=info msg="Registered probe types" types="generic_lsm, generic_tracepoint, generic_uprobe, generic_usdt, loader, execve, enforcer, generic_kprobe"
level=info msg="Creating new EventCache" retries=15 delay=2s
level=info msg="Starting process manager" enableK8s=false enableProcessCred=false enableProcessNs=false
+level=info msg="Exporter configuration" enabled=false fileName=""
level=info msg="Successfully detected bpftool path" bpftool=/usr/local/sbin/bpftool
level=info msg="Successfully detected gops path" gops=/root/go/bin/gops
level=info msg="BPF: found active BPF resources" bpf-dir=/sys/fs/bpf/tetragon pinned-bpf="[__base__ execve_map execve_map_stats execve_map_update_data tcpmon_map tg_conf_map tg_errmetrics_map tg_execve_joined_info_map tg_execve_joined_info_map_stats tg_mbset_gen tg_mbset_map tg_rb_events tg_stats_map]"
+level=info msg="Starting gRPC health server" address=:6789 interval=10
+level=info msg="Starting gRPC server" protocol=tcp address=localhost:54321
level=info msg="Read ProcFS /proc/ appended 252/314 entries"
level=info msg="Cgroup rate disabled (0/0s)"
+level=info msg="Loading Tracing Policies from directory ignored, directory does not exist" tracing-policy-dir=/etc/tetragon/tetragon.tp.d
level=info msg="Perf ring buffer size (bytes)" percpu=68K total=544K
level=info msg="Events queue size (events)" size=63K
level=info msg="Listening for events..."
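Review bot: "Exporter configuration", "Starting gRPC health server" and "Starting gRPC server" appear in only one output here even though the lines around them match, and this is late enough in startup that the log-file setting was already in effect. A test that starts the agent with --log-file and asserts that the file and the console contain the same set of messages would catch this before merge.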
Whoa didn't expect differences given the implementation :O let me try to understand what's happening! Thanks for the feedback btw!