Refine log monitoring predicate to filter for specific session violations

JY Tan
2025-12-19 12:24:01 -08:00
parent 34d6e51c4b
commit b220c42614


@@ -42,12 +42,10 @@ func (m *LogMonitor) Start() error {
ctx, cancel := context.WithCancel(context.Background())
m.cancel = cancel
// Build predicate to filter for our session's violations
// Note: We use the broader "_SBX" suffix to ensure we capture events
// even if there's a slight delay in log delivery
predicate := `eventMessage ENDSWITH "_SBX"`
// Build predicate to filter for this session's violations only
predicate := fmt.Sprintf(`eventMessage ENDSWITH "%s"`, m.sessionSuffix)
m.cmd = exec.CommandContext(ctx, "log", "stream",
m.cmd = exec.CommandContext(ctx, "log", "stream", //nolint:gosec // predicate is constructed from trusted session suffix
"--predicate", predicate,
"--style", "compact",
)
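Review bot: The `//nolint:gosec` justification on the `exec.CommandContext` line rests on `m.sessionSuffix` being trusted, but nothing visible in this hunk enforces that before `fmt.Sprintf` interpolates it into the predicate. No shell is involved, so the concern is not command injection but the predicate itself: a suffix containing `"` or `\` would alter or break the filter, and an empty suffix yields `ENDSWITH ""`, which no longer scopes the stream to this session. I would validate in Start before building the predicate, for example `if m.sessionSuffix == "" || strings.ContainsAny(m.sessionSuffix, "\"\\") { return fmt.Errorf("invalid session suffix %q", m.sessionSuffix) }`, and have the nolint comment name where the suffix is generated so the trust claim can be checked. Start's body begins and continues outside the hunk, so an existing check elsewhere in the function or the constructor would make this unnecessary.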