From 677217d3bac12c3c3176b87ed16264065f8adccc Mon Sep 17 00:00:00 2001
From: ddbnl
Date: Mon, 2 May 2022 13:27:44 +0200
Subject: [PATCH] Docs update
---
 ConfigExamples/fullConfig.yaml | 2 +-
 README.md | 7 ++++---
 Source/AuditLogCollector.py | 2 +-
 Source/RustEngine/README.md | 1 -
 pip_requirements_linux.txt | Bin 0 -> 1620 bytes
 ...quirements.txt => pip_requirements_win.txt | Bin 1792 -> 1756 bytes
 6 files changed, 6 insertions(+), 6 deletions(-)
 delete mode 100644 Source/RustEngine/README.md
 create mode 100644 pip_requirements_linux.txt
 rename Source/requirements.txt => pip_requirements_win.txt (97%)
diff --git a/ConfigExamples/fullConfig.yaml b/ConfigExamples/fullConfig.yaml
index f6926f6..1626763 100644
--- a/ConfigExamples/fullConfig.yaml
+++ b/ConfigExamples/fullConfig.yaml
@@ -2,7 +2,7 @@ log: # Log settings. Debug will severely decrease performance
 path: 'collector.log'
 debug: False
 collect: # Settings determining which audit logs to collect and how to do it
- rustEngine: False # Use True to turn on the experimental far faster Rust engine
+ rustEngine: True # Use False to revert to the old Python engine. If running from python instead of executable, make sure to install the python wheel in the RustEngineWheels folder
 schedule: 0 1 0 # How often to run in days/hours/minutes. Delete this line to just run once and exit.
 contentTypes:
 Audit.General: True
diff --git a/README.md b/README.md
index 44b3987..26c2624 100644
--- a/README.md
+++ b/README.md
@@ -1,11 +1,12 @@ # Anouncement: -To improve performance the engine of the log collector has been rewritten in Rust. Consider downloading the newest -executable and using the following setting in your config: +To improve performance (10x) and reliability the engine of the log collector has been rewritten in Rust. Consider downloading the newest +executable to automatically use it. To turn off the new engine (in case of issues or for whatever reason), use the following +in your config.yaml: ``` collect: - rustEngine: True + rustEngine: False ``` In my own tests the Rust engine has been at least 5x faster. The default is still Python so people can test the new engine first. If you run into any problems, please remove the setting to revert back to the old engine, and consider creating an issue here on Github so I can fix it. diff --git a/Source/AuditLogCollector.py b/Source/AuditLogCollector.py index d6f6d04..96f8c1a 100644 --- a/Source/AuditLogCollector.py +++ b/Source/AuditLogCollector.py @@ -68,7 +68,7 @@ def run_once(self): self._prepare_to_run() logging.log(level=logging.INFO, msg='Starting run @ {}. Content: {}.'.format( datetime.datetime.now(), self.config['collect', 'contentTypes'])) - if self.config['collect', 'rustEngine']: + if not self.config['collect', 'rustEngine'] is False: self._start_interfaces() self.receive_results_from_rust_engine() self._stop_interfaces(force=False) diff --git a/Source/RustEngine/README.md b/Source/RustEngine/README.md deleted file mode 100644 index 4898032..0000000 --- a/Source/RustEngine/README.md +++ /dev/null @@ -1 +0,0 @@ -Experiment porting AuditLogCollector to rust. \ No newline at end of file 
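Review bot: In `run_once`, `if not self.config['collect', 'rustEngine'] is False:` selects the Rust engine for every value except the boolean `False`, so a quoted `'False'`, a `0`, or (presumably, depending on how the config lookup handles absent keys) a missing `rustEngine` entry all take the Rust path. Write the test as `if self.config['collect', 'rustEngine'] is not False:`, the form PEP 8 recommends over `not ... is`, and put `# Rust engine is the default; only an explicit boolean False in config selects the Python engine` above it so the opt-out semantics are visible. Since this flips the default for existing deployments, it would also help to log which engine was chosen next to the existing 'Starting run' message, so an operator can confirm from collector.log which collection path produced the audit data. The body of `run_once` continues outside the hunk.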
diff --git a/pip_requirements_linux.txt b/pip_requirements_linux.txt new file mode 100644 index 0000000000000000000000000000000000000000..d743e7d52f17d78078a337aef5cd2973dc7066ee GIT binary patch literal 1620 zcmZWp!EVz~5Zp5opOUDy18ol+D)m%>RMZnEaBLGlpw7nwGdq5MZBS$<%A1{? zo!z&8|CH8Ru)Q6vw85V213nkFw#+W^&h4$e!O6*f0#Vz_D(n3hahW3uN1x+%hzfXC z{@x->ZKJbiU|k!dF8*U5fhKvM5XL5)x6 zeNh%w8nZM|(V;3vvsZ;X)40RxZDOW2Iedrn-0o3n%z8PWbWn3ZMLN;sXbz~ipZoaa zE~?+mDi?_ufT-*{-h24m;mr){owO0rL3KHM!W^6cRXm_t_LOs|$k_R7U?KyjL(Gh3 zM>J{FUAYEz{y1}xU6r%uJu0N9VOEglHENjb8_uZooQJnfOw84zjx92(a?Xt+Qsufo zYxF!}8vE_u6i}ra^SLsryGKsO?-uR4OR@IJ9-yCjg5BCjN6`gl+ALWD=D!Ea%AF3V zH%_85Qc?1J0@rEIN5ADrRLnE-)Tod1SRp&_viL`2YM_X`x*O`qfOGB%b%vFFu^am| zE9NZfgp5C+j(g{2M{>Vy^7gVDHc??u>)qjL4UEML^7ee7q4~!SM_^ delta 42 scmcb^+rYOWhe@~