Add LOG_DIR + LOG_FILE arguments

tsigouris007 · Mar 7, 2024 · 4aa6cd7 · 4aa6cd7
1 parent f892016
commit 4aa6cd7
Show file tree

Hide file tree

Showing 3 changed files with 20 additions and 6 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -5,6 +5,17 @@ ENV WORKDIR="/home/user"
 ARG CLIENT_ID=""
 ARG CLIENT_SECRET=""
 ARG API_BASE_URL=""
+# The LOG_DIR has to be the directory until the LOG_FILE
+# By default the LOG_FILE writes to stdout
+# Example:
+# LOG_DIR="/var/log/crowdstrike/falconhoseclient/"
+# LOG_FILE="output"
+ARG LOG_DIR=""
+ARG LOG_FILE="/dev/stdout"
+
+# Pass them to the environment
+ENV LOG_DIR=$LOG_DIR
+ENV LOG_FILE=$LOG_FILE
 
 USER root
 
@@ -20,15 +31,14 @@ RUN apt-get update && apt-get install -y gettext-base curl
 COPY deb/crowdstrike-cs-falconhoseclient_2.18.0_amd64.deb "${WORKDIR}/crowdstrike.deb"
 RUN dpkg -i "${WORKDIR}/crowdstrike.deb"
 
-RUN mkdir -p /var/log/pods/falconhoseclient
+RUN if [ ! -z "${LOG_DIR}" ]; then mkdir -p "${LOG_DIR}"; fi
 
 # Prepare a simple user instead of root
 RUN groupadd -g 1000 user && useradd -r -u 1000 -g user user
 RUN chown -R user:user /var/log/crowdstrike/falconhoseclient
 RUN chmod -R 755 /var/log/crowdstrike/falconhoseclient
 RUN chown -R user:user /opt/crowdstrike/etc
-RUN chown -R user:user /var/log/pods/falconhoseclient
-RUN chmod -R 755 /var/log/pods/falconhoseclient
+RUN if [ ! -z "${LOG_DIR}" ]; then chown -R user:user "${LOG_DIR}"; chmod -R 755 "${LOG_DIR}"; fi
 
 WORKDIR "${WORKDIR}"
 

diff --git a/cfg/cs.falconhoseclient.cfg.template b/cfg/cs.falconhoseclient.cfg.template
@@ -32,8 +32,7 @@ output_format = json
 # Will be true regardless if Syslog is not enabled
 # If path does not exist or user has no permission, log file will be used
 output_to_file = true
-#output_path = /dev/stdout
-output_path = /var/log/pods/falconhoseclient/events.log
+output_path = $LOG_DIR$LOG_FILE
 
 # Offset file full filepath and filename
 offset_path = /var/log/crowdstrike/falconhoseclient/stream_offsets

diff --git a/entrypoint.sh b/entrypoint.sh
@@ -27,8 +27,13 @@ if [ -z "$CLIENT_ID" ] || [ -z "$CLIENT_SECRET" ] || [ -z "$API_BASE_URL" ]; the
   exit 1
 fi
 
+if [ -z "$LOG_DIR" ] && [ -z "$LOG_FILE" ]; then
+  LOG_DIR=""
+  LOG_FILE="/dev/stdout"
+fi
+
 # Substitute things properly
-export $(echo "CLIENT_ID=$CLIENT_ID CLIENT_SECRET=$CLIENT_SECRET API_BASE_URL=$API_BASE_URL") && envsubst < "${WORKDIR}/${CONFIG}.template" > "${CONFIGDIR}/${CONFIG}"
+export $(echo "CLIENT_ID=$CLIENT_ID CLIENT_SECRET=$CLIENT_SECRET API_BASE_URL=$API_BASE_URL LOG_DIR=$LOG_DIR LOG_FILE=$LOG_FILE") && envsubst < "${WORKDIR}/${CONFIG}.template" > "${CONFIGDIR}/${CONFIG}"
 
 # Run the client
 cs.falconhoseclient -nodaemon -config="${CONFIGDIR}/${CONFIG}" 2>&1