Structs
- bpf_map_log - Log for an eBPF map access via a bpf() syscall
- generic_msg_log - Generic log with a message field
- inode_access_log - Log for various events that access a dentry or an inode (file_open, inode_permission)
- kernel_load_data_log - Log for a kernel_load_data() LSM hook event
- kernel_module_request_log - Log for a kernel_module_request() LSM hook event
- kernel_read_file_log - Log for a kernel_read_file() LSM hook event
- log_hdr - Header attached to every log message.
- ptrace_access_check_log - Log for a ptrace_access_check() LSM hook event
- sb_umount_log - Log a sb_umount() syscall
- task_kill_log - Log a task_kill() LSM hook event
Enums
- EventType - The link between a program’s log structure and the logging system.
- InodeAction - Identifies a type of action taken on an inode
- LogLevel - Standard log levels indicating the severity of the message.
- LogReason - Standard reasons as to why a log is being output.
Constants
Statics
- LOG_FILTER
- LOG_LEVEL - Static global to use within ringbuffer callbacks
Functions
- char_array_to_str - Utility function which attempts to decode an array of signed bytes (char[] in C) into a UTF-8 string.
- log - Outputs a [tracing::Event] according to the log level.
- log_header - Attempts to transmute raw bytes into a log_hdr
- setup_logger - Builds and reads from an eBPF ringbuffer.