Introduce evt trigger #4414

Draft
wants to merge 2 commits into
base: main

@geyslan
Member

geyslan commented Dec 5, 2024

Close: #4412

1. Explain what the PR does

2. Explain how to test it

3. Other comments

```
./dist/evt -h
evt is a simple testing tool that generates events to stress the system

Usage:
  evt [command]

Available Commands:
  completion  Generate the autocompletion script for the specified shell
  help        Help about any command
  trigger     Trigger events to trigger

Flags:
  -h, --help   help for evt

Use "evt [command] --help" for more information about a command.
```

```
./dist/evt trigger -h
Trigger events to trigger

Usage:
  evt trigger [flags]

Aliases:
  trigger, t

Flags:
  -f, --bypass-flags                            Print tracee bypass flags
  -e, --event string     <name>...              Select event to trigger
  -h, --help             help for trigger
  -o, --ops int32        <number>...            Number of operations to perform (default 1)
  -s, --sleep duration   <duration>...          Sleep time between operations (default 10ns)
  -w, --wait-signal                             Wait for start signal (SIGUSR1)
```

@NDStrahilevitz
Collaborator

Just to note that at first I thought the PR refers to the uprobe triggering mechanism, we may want to rethink one of the names...
Anyway, promising tool.

@geyslan
Member Author

geyslan commented Dec 9, 2024

The current idea is to have this new binary evt with two main commands trigger and stress. The former would only run an underlying script related to a single Tracee event chosen. The former would accept multiple events or policies to run Tracee first and in the sequence the evt trigger itself for each event chosen.

How do you see the name conflicting with uname? What do you suggest then? I'm all ears.

@NDStrahilevitz
Collaborator

It's just that there is this package:
https://github.com/aquasecurity/tracee/tree/main/pkg/events/trigger
Which conflicts in name. So we need to rename one of them imo since we have the concept of "triggered events (through uprobes)" as a, rather underdeveloped, internal mechanism of tracee.

@geyslan
Member Author

geyslan commented Jan 7, 2025

> It's just that there is this package: https://github.com/aquasecurity/tracee/tree/main/pkg/events/trigger Which conflicts in name. So we need to rename one of them imo since we have the concept of "triggered events (through uprobes)" as a, rather underdeveloped, internal mechanism of tracee.

I don't think they conflict with each other, perhaps in resemblance only, see:

pkg/events/trigger - pkg
cmd/evt/cmd/trigger - cmd

They are in different hierarchies. Anyway, we might change one or both in the future if it starts to confuse us. 👍🏼

@geyslan geyslan force-pushed the evt-trigger branch 2 times, most recently from 762247a to de95c0e Compare January 8, 2025 17:14
Initially, the evt program is able to trigger events in the system by
the use of the `trigger` command.