Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Project Idea] Upgrading event-generator and automating Falco performance testing #362

Open
jasondellaluce opened this issue Feb 9, 2024 · 18 comments
Labels
kind/feature New feature or request

Comments

@jasondellaluce
Copy link
Contributor

Description

Falco is a real-time security tool designed to detect abnormal behaviours and security-related runtime events in Linux systems and the cloud. The event-generator is an utility within the Falco ecosystem that helps testing Falco’s detection capabilities. The tool also has benchmark capabilities that represent a building block of the Falco performance testing practices. However, the project received less attention than required in the past few years and would require some care and renovation. This Google Summer of Code project proposes upgrading the event-generator to improve its testing and benchmarking capabilities, its reliability, and its consistency, and developing new Continuous Integration pipelines based on it. The end goal is to evolve the event-generator and make it the standard tool for systematically assessing the correctness and performance of Falco’s threat detection capabilities at every release and development cycle

Expected outcome

The project will result in an extended version of the event-generator tool that reliably generates a consistent number of events per second and stresses the most common detection scenarios of Falco. This enhanced utility will be integrated into Falco’s Continuous Integration (CI) pipeline, allowing for efficient systematic monitoring of performance regressions while ensuring alignment with past benchmarking results. Eventually, this could originate new performance optimizations in Falco itself. A stretch goal for the mentee would be to become an official maintainer of the event-generator project and/or of other repositories of the Falco ecosystem

Recommended Skills

Go programming language, familiarity with continuous integration, understanding of performance benchmarking concepts

cc @alacuku

@jasondellaluce jasondellaluce added the kind/feature New feature or request label Feb 9, 2024
@jasondellaluce
Copy link
Contributor Author

This has been proposed to the CNCF org for the Google Summer of Code 2024 in cncf/mentoring#1169

@octonawish-akcodes
Copy link

Hi @jasondellaluce I am interested in this issue, can you provide some resources to better understand the issue?

@alacuku
Copy link
Member

alacuku commented Feb 16, 2024

Hey @octonawish-akcodes, I would suggest having a look to these docs: https://github.com/falcosecurity/event-generator#benchmark and more in general to Falco and event-generator.

@leogr
Copy link
Member

leogr commented Feb 23, 2024

As the creator of the event-generator, I'm just more than happy to see this. 🤩
I will be happy to share my knowledge and help.

@vax-r
Copy link

vax-r commented Feb 26, 2024

Hello @jasondellaluce , @leogr .
I am looking forward to become a GSoC student in this project !

@h4l0gen
Copy link

h4l0gen commented Feb 27, 2024

Hey @jasondellaluce , @leogr, @alacuku, It's great that Falco participating in the upcoming GSoC event. I am looking forward to making more contributions to Falco with this opportunity 😀❤️

@Ayush9026
Copy link

Hi @jasondellaluce sir i am also interested in this project for GSoC 2024.

1 similar comment
@Ayush9026
Copy link

Hi @jasondellaluce sir i am also interested in this project for GSoC 2024.

@jasondellaluce
Copy link
Contributor Author

Hi everyone! Love to see good interest in the project! Please make sure to follow the GSoC application process, we're looking forward to seeing this project succeed!

@praveen-rikhari
Copy link

Hello @leogr @jasondellaluce @alacuku I hope this message finds you well. My name is Parveen Rikhari, and I've recently come across the Falco Event Generator project on GitHub. I'm keen on contributing to this project and have been considering it for my GSoC 2024 proposal.It would be incredibly beneficial if you could provide guidance on the event generator project, as it will enable me to learn, contribute, and enhance my proposal.

Thank you

@leogr
Copy link
Member

leogr commented Mar 11, 2024

Hey folks, I'm very happy to see all this interest in the event generator. By the way, I'm receiving a lot of private requests asking for guidance on the event generator. I would recommend you all open an issue on the project repository and ask your questions. In this way, we will share the knowledge easily and quickly.

🙏

@GLVSKiriti
Copy link

GLVSKiriti commented Mar 27, 2024

Hello @jasondellaluce, @alacuku and @leogr,

I hope this message finds you well. As we delve deeper into our GSoC project, I would greatly appreciate it if we could discuss in more detail about the specific tasks we'll be tackling beyond the integration of the event-generator into the Falco CI pipeline

Like what exactly "upgrading the event-generator" means, only adding wide range of events(That triggers default falco rules)? Or is there anything more to tackle?

If you can share anything more about this project idea it would be more helpful for us 😀❤️

@poiana
Copy link
Contributor

poiana commented Jun 25, 2024

Issues go stale after 90d of inactivity.

Mark the issue as fresh with /remove-lifecycle stale.

Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Provide feedback via https://github.com/falcosecurity/community.

/lifecycle stale

@alacuku
Copy link
Member

alacuku commented Jun 26, 2024

/remove-lifecycle stale

@poiana
Copy link
Contributor

poiana commented Sep 24, 2024

Issues go stale after 90d of inactivity.

Mark the issue as fresh with /remove-lifecycle stale.

Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Provide feedback via https://github.com/falcosecurity/community.

/lifecycle stale

@leogr
Copy link
Member

leogr commented Sep 26, 2024

/remove-lifecycle stale

@poiana
Copy link
Contributor

poiana commented Dec 25, 2024

Issues go stale after 90d of inactivity.

Mark the issue as fresh with /remove-lifecycle stale.

Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Provide feedback via https://github.com/falcosecurity/community.

/lifecycle stale

@leogr
Copy link
Member

leogr commented Jan 7, 2025

/remove-lifecycle stale

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
kind/feature New feature or request
Projects
None yet
Development

No branches or pull requests

10 participants