Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add New CLI: traceectl #4419

Open
8 tasks done
ShohamBit opened this issue Dec 8, 2024 · 6 comments · May be fixed by #4396
Open
8 tasks done

Add New CLI: traceectl #4419

ShohamBit opened this issue Dec 8, 2024 · 6 comments · May be fixed by #4396
Assignees
@ShohamBit
Labels
area/api area/grpc area/UX kind/documentation kind/feature
Milestone
v0.24.0

Comments

@ShohamBit
Copy link
Collaborator

ShohamBit commented Dec 8, 2024
edited
Loading

Add New CLI: traceectl

Description

Introduce a new client called traceectl for managing Tracee's policies, events, streams, plugins, and diagnostics. This CLI tool will provide structured and user-friendly commands for Tracee users to interact with its various components efficiently.

Design Overview

traceectl will be organized into several management categories: Policy Management, Event Management, Stream Management, Plugin Management, and Additional Commands. Each category will have well-defined subcommands to perform specific actions. The CLI will follow a consistent command structure for ease of use.

Event Management

  • Commands:
    • traceectl event list: List all available event definitions.
    • traceectl event describe <event_name>: Get detailed information about a specific event.
    • traceectl event enable <event_name>: Enable capturing of a specific event.
    • traceectl event disable <event_name>: Disable capturing of a specific event.

Stream Management

  • Commands:
    • `traceectl stream : stream events from tracee

Additional Commands

  • traceectl metrics [--output <format>]: Retrieve Tracee's performance metrics.
  • traceectl version: Display the version of traceectl.

Usage

traceectl [flags] [options]

Use traceectl <command> --help for more details about a specific command.
Use traceectl options to view global command-line options.

Global Flags

  • -h, --help: Help for traceectl.
  • -s, --server='': Address and port of the Tracee server.

Implementation Plan

  1. Design the traceectl CLI framework using Cobra.
  2. Implement core commands (Policy Management, Event Management, Stream Management, Plugin Management).
  3. Add global flags and logging verbosity support.
  4. Create unit tests and mock environments for each command.
  5. Document usage examples and integrate --help output for all commands.
  6. Test the CLI in real-world scenarios and refine the UX.

Tasks

General

  • Create the traceectl repository.

Event Management

  • Implement event list command.
  • Implement event describe command.
  • Implement event enable command.
  • Implement event disable command.
  • NOTE: I have decided to compile event list and describe to 1 command

Stream Management

  • Implement stream command.

Additional Commands

  • Implement metrics command.
  • Implement version command.

Additional Notes

This issue tracks the development of traceectl as a central client for interacting with Tracee.
@ShohamBit ShohamBit linked a pull request Dec 8, 2024 that will close this issue
Open
@yanivagman yanivagman added this to the v0.23.0 milestone Dec 8, 2024
@yanivagman yanivagman linked a pull request Dec 12, 2024 that will close this issue
add traceectl to tracee #4396
Open
@yanivagman yanivagman modified the milestones: v0.23.0, v0.24.0 Jan 15, 2025
@hanshal101
Copy link

Hey @ShohamBit , is this issue still active? If yes I would like to work on this!

@itaysk
Copy link
Collaborator

itaysk commented Feb 10, 2025

hi @hanshal101 yes this is still active. @ShohamBit perhaps it's best to work in increments: build the basic mechanisms and implement the basic functionality, and then the community can help implement additional areas in parrallel wdyt?

@hanshal101
Copy link

hanshal101 commented Feb 10, 2025
edited
Loading

hi @hanshal101 yes this is still active. @ShohamBit perhaps it's best to work in increments: build the basic mechanisms and implement the basic functionality, and then the community can help implement additional areas in parrallel wdyt?

Yup, this sounds good. I had one doubt since Shobham had already created a traceectl repo on his account, but it's archived now, so should I create the traceectl repo on mine or is there any repo already created? Also, are there any communication channels like Slack or Discord? It would be great if you could provide me with the link.

@ShohamBit
Copy link
Collaborator Author

hi @hanshal101 yes this is still active. @ShohamBit perhaps it's best to work in increments: build the basic mechanisms and implement the basic functionality, and then the community can help implement additional areas in parrallel wdyt?

I think its a good idea. I already build the fundamentals if traceectl and ther is an open pr about it, waitng for review.

I think that is a greatr idea that the community could help, but first marge the traceectl pr

After that i would make checks on how easy is it to add new features and then i think it will be greate to open for community support

@ShohamBit
Copy link
Collaborator Author

hi @hanshal101 yes this is still active. @ShohamBit perhaps it's best to work in increments: build the basic mechanisms and implement the basic functionality, and then the community can help implement additional areas in parrallel wdyt?

Yup, this sounds good. I had one doubt since Shobham had already created a traceectl repo on his account, but it's archived now, so should I create the traceectl repo on mine or is there any repo already created? Also, are there any communication channels like Slack or Discord? It would be great if you could provide me with the link.

Traceectl repo was the first veraion of traceectl, the thought process was to add traceectl as a submodule but then it vhabed to a new thing inside cmd. It is still a stand alone project but now under tracee/cmd

Traceectl went on cupple of veraion before it reached the current state, you can review it's pr

@hanshal101
Copy link

Traceectl went on cupple of veraion

sure, thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ShohamBit ShohamBit

Labels
area/api area/grpc area/UX kind/documentation kind/feature
Projects
None yet
Milestone
v0.24.0
Development

Successfully merging a pull request may close this issue.

add traceectl to tracee ShohamBit/tracee
4 participants
@itaysk @yanivagman @hanshal101 @ShohamBit