
main <-- Int #475

Draft
rohan-stepsecurity wants to merge 119 commits into main from int

Conversation

@rohan-stepsecurity
Member

No description provided.

varunsh-coder and others added 30 commits April 12, 2025 23:10
…-containers

feat: add ability to disable sudo and containers
fix: function sequencing
…-containers

Feat/disable sudo and containers
…-containers

Feat/disable sudo and containers
Added support for monitoring UDP packets in the NetworkMonitor by introducing handling for the sendto and sendmsg syscalls. Updated logging to reflect the addition of UDP monitoring alongside existing TCP functionality.

(cherry picked from commit f9c107f)
Updated the UDP monitoring implementation to combine logging for the sendto and sendmsg syscalls into a single log entry, enhancing clarity in network monitoring outputs.

(cherry picked from commit 8211235)
feat: enhance network monitoring for UDP packets
int: restrict calls to dns_servers from agent-uid
- Added support for custom detection rules in the Armour integration.
- Introduced new functions to submit process, file, and network events to the detection manager.
- Updated the DNS proxy to submit DNS events when custom detection rules are enabled.
- Refactored the agent's DNS handling to ensure proper execution flow when Docker is uninstalled.
- Introduced TelemetryURL in the ApiClient struct to allow separate telemetry endpoint usage.
- Updated the agent to utilize TelemetryURL for sending DNS records and network connections.
- Enhanced configuration handling to initialize TelemetryURL from the config file, defaulting to APIURL if not specified.
- Eliminated the call to submitDNSEvent in the handleNetworkEvent function, streamlining the event handling process.
- Added a new configuration option to enable custom detection rules in the agent's run function.
- Changed the assignment of OneTimeKey in the agent's run function to use apiclient.OneTimeKey.
- Updated the Armour dependency version from v1.1.3 to v1.2.0 in go.mod and go.sum.
…sys to v0.40.0

- Upgraded OpenTelemetry packages in go.mod and go.sum to version 1.40.0.
- Updated golang.org/x/sys dependency to version 0.40.0.
- Moved the call to submitFileEvent to occur after unlocking the fileMutex, improving the event handling flow.
feat: integrate custom detection rules with Armour
- Upgraded the Armour dependency version in go.mod and go.sum from v1.2.0 to v1.2.1.
chore: update Armour dependency to v1.2.1

4 participants