diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-10 20:34:10 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-10 20:34:10 +0000 |
| commit | e4ba6dbc3f1e76890b22773807ea37fe8fa2b1bc (patch) | |
| tree | 68cb5ef9081156392f1dd62a00c6ccc1451b93df /docbook/logray-quick-start.adoc | |
| parent | Initial commit. (diff) | |
| download | wireshark-e4ba6dbc3f1e76890b22773807ea37fe8fa2b1bc.tar.xz wireshark-e4ba6dbc3f1e76890b22773807ea37fe8fa2b1bc.zip | |
Adding upstream version 4.2.2.upstream/4.2.2
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'docbook/logray-quick-start.adoc')
| -rw-r--r-- | docbook/logray-quick-start.adoc | 57 |
1 files changed, 57 insertions, 0 deletions
diff --git a/docbook/logray-quick-start.adoc b/docbook/logray-quick-start.adoc new file mode 100644 index 00000000..2e053c64 --- /dev/null +++ b/docbook/logray-quick-start.adoc @@ -0,0 +1,57 @@ += Logray Quick Start + +Logray is a sibling application for Wireshark which focuses on log messages. +It helps people understand, troubleshoot, and secure their systems via log messages similar to the way Wireshark helps people understand, troubleshoot, and secure their networks via packets. + +This document provides brief instructions for building Logray until more complete documentation comparable to the Wireshark Developer’s and User’s Guides can be written. + +== Building Logray + +Logray requires the same build environment as Wireshark. +See the https://www.wireshark.org/docs/wsdg_html_chunked/[Wireshark Developer’s Guide] for instructions on setting that up. + +It additionally requires libsinsp and libscap from https://github.com/falcosecurity/libs/[falcosecurity/libs] and any desired plugins from https://github.com/falcosecurity/plugins/[falcosecurity/plugins]. + +In order to build Logray, do the following: + +1. https://falco.org/docs/getting-started/source/[Build falcosecurity/libs]. + +2. Build falcosecurity/plugins. + +3. Build the Wireshark sources with the following CMake options: ++ +-- +[horizontal] +BUILD_logray:: Must be enabled, e.g. set to ON +SINSP_INCLUDEDIR:: The path to your local falcosecurity/libs directory +SINSP_LIBDIR:: The path to your falcosecurity/libs build directory +-- + +4. Create a directory named `falco` in your Logray plugins directory, and either copy in or symlink any desired Falco plugins. + +.Example 1: Building on macOS using Ninja +[sh] +---- +cmake -G Ninja \ + -DBUILD_logray=ON \ + -DSINSP_INCLUDEDIR=/path/to/falcosecurity/libs \ + -DSINSP_LIBDIR=/path/to/falcosecurity/libs/build \ + .. +ninja +mkdir run/Logray.app/Contents/PlugIns/logray/3-7/falco +(cd run/Logray.app/Contents/PlugIns/logray/3-7/falco ; ln -sn /path/to/falcosecurity-plugins/plugins/cloudtrail/libcloudtrail.so ) +---- + +.Example 2: Building on Linux using Make +[sh] +---- +cmake \ + -DBUILD_logray=ON \ + -DSINSP_INCLUDEDIR=/path/to/falcosecurity/libs \ + -DSINSP_LIBDIR=/path/to/falcosecurity/libs/build \ + .. +make -j $(getconf _NPROCESSORS_ONLN) +mkdir run/plugins/3.7/falco +(cd run/plugins/3.7/falco ; ln -sn /path/to/falcosecurity-plugins/plugins/cloudtrail/libcloudtrail.so ) +---- + |