env vars wasn't used, needed to init some of them and renamed it to fix

README.md

@@ -49,23 +49,23 @@ Configuration is made by *file (yaml)* and *env vars*, both can be used but *env
 See **config_example.yaml** :
 
 ```yaml
-# listen_port: 2801 #port to listen for daemon (default: 2801)
+#listen_port: 2801 #port to listen for daemon (default: 2801)
 debug: false #if true all outputs will print in stdout the payload they send (default: false)
 
 slack:
-  webhook_url: "" # Slack WebhookURL (ex: https://hooks.slack.com/services/XXXX/YYYY/ZZZZ), if not empty, Slack output is enabled
+  webhookurl: "" # Slack WebhookURL (ex: https://hooks.slack.com/services/XXXX/YYYY/ZZZZ), if not empty, Slack output is enabled
   #footer: "" #Slack footer
   #icon: "" #Slack icon (avatar)
-  output_format: "text" # all (default), text, fields
+  outputformat: "text" # all (default), text, fields
 
 datadog:
-  #api_key: ""  #Datadog API Key, if not empty, Datadog output is enabled
+  #apikey: ""  #Datadog API Key, if not empty, Datadog output is enabled
 
 alertmanager:
-  # host_port: "" # http://{domain or ip}:{port}, if not empty, Alertmanager output is enabled
+  # hostport: "" # http://{domain or ip}:{port}, if not empty, Alertmanager output is enabled
 
 elasticsearch:
-  # host_port: "" # http://{domain or ip}:{port}, if not empty, Elasticsearch output is enabled
+  # hostport: "" # http://{domain or ip}:{port}, if not empty, Elasticsearch output is enabled
   # index: "falco" # index (default: falco)
   # type: "event" 
 ```
@@ -88,13 +88,13 @@ The *env vars* "match" field names in *yaml file with this structure (**take car
 
 * **LISTEN_PORT** : port to listen for daemon (default: 2801)
 * **DEBUG** : if *true* all outputs will print in stdout the payload they send (default: false)
-* **SLACK_WEBHOOK_URL** : Slack WebhookURL (ex: https://hooks.slack.com/services/XXXX/YYYY/ZZZZ), if not `empty`, Slack output is *enabled*
+* **SLACK_WEBHOOKURL** : Slack WebhookURL (ex: https://hooks.slack.com/services/XXXX/YYYY/ZZZZ), if not `empty`, Slack output is *enabled*
 * **SLACK_FOOTER** : Slack footer
 * **SLACK_ICON** : Slack icon (avatar)
-* **SLACK_OUTPUT_FORMAT** : `all` (default), `text` (only text is displayed in Slack), `fields` (only fields are displayed in Slack)
-* **DATADOG_API_KEY** : Datadog API Key, if not `empty`, Datadog output is *enabled*
-* **ALERTMANAGER_HOST_PORT** : AlertManager http://host:port, if not `empty`, AlertManager is *enabled*
-* **ELASTICSEARCH_HOST_PORT** : Elasticsearch http://host:port, if not `empty`, Elasticsearch is *enabled*
+* **SLACK_OUTPUTFORMAT** : `all` (default), `text` (only text is displayed in Slack), `fields` (only fields are displayed in Slack)
+* **DATADOG_APIKEY** : Datadog API Key, if not `empty`, Datadog output is *enabled*
+* **ALERTMANAGER_HOSTPORT** : AlertManager http://host:port, if not `empty`, AlertManager is *enabled*
+* **ELASTICSEARCH_HOSTPORT** : Elasticsearch http://host:port, if not `empty`, Elasticsearch is *enabled*
 * **ELASTICSEARCH_INDEX** : Elasticsearch index (default: falco)
 * **ELASTICSEARCH_TYPE** : Elasticsearch document type (default: event)
 

config.go

@@ -19,10 +19,15 @@ func getConfig() *types.Configuration {
 	kingpin.Parse()
 
 	v := viper.New()
-	v.SetDefault("Listen_Port", 2801)
-	v.SetDefault("Slack_Output_Format", "all")
-	v.SetDefault("Elasticsearch_Index", "falco")
-	v.SetDefault("Elasticsearch_Type", "event")
+	v.SetDefault("ListenPort", 2801)
+	v.SetDefault("Debug", false)
+	v.SetDefault("Slack.WebhookURL", "")
+	v.SetDefault("SlackOutput.OutputFormat", "all")
+	v.SetDefault("Datadog.APIKey", "")
+	v.SetDefault("Alertmanager.HostPort", "")
+	v.SetDefault("Elasticsearch.HostPort", "")
+	v.SetDefault("Elasticsearch.Index", "falco")
+	v.SetDefault("Elasticsearch.Type", "event")
 
 	v.SetEnvKeyReplacer(strings.NewReplacer(".", "_"))
 	v.AutomaticEnv()
@@ -40,7 +45,7 @@ func getConfig() *types.Configuration {
 	}
 	v.Unmarshal(c)
 
-	if c.Listen_Port == 0 || c.Listen_Port > 65536 {
+	if c.ListenPort == 0 || c.ListenPort > 65536 {
 		log.Fatalf("[ERROR] : Bad port number\n")
 	}
 

config_example.yaml

@@ -1,19 +1,19 @@
-# listen_port: 2801 #port to listen for daemon (default: 2801)
+# listenport: 2801 #port to listen for daemon (default: 2801)
 debug: false #if true all outputs will print in stdout the payload they send (default: false)
 
 slack:
-  webhook_url: "" # Slack WebhookURL (ex: https://hooks.slack.com/services/XXXX/YYYY/ZZZZ), if not empty, Slack output is enabled
+  webhookurl: "" # Slack WebhookURL (ex: https://hooks.slack.com/services/XXXX/YYYY/ZZZZ), if not empty, Slack output is enabled
   #footer: "" #Slack footer
   #icon: "" #Slack icon (avatar)
-  output_format: "text" # all (default), text, fields
+  outputformat: "text" # all (default), text, fields
 
 datadog:
-  #api_key: ""  #Datadog API Key, if not empty, Datadog output is enabled
+  #apikey: ""  #Datadog API Key, if not empty, Datadog output is enabled
 
 alertmanager:
-  # host_port: "" # http://{domain or ip}:{port}, if not empty, Alertmanager output is enabled
+  # hostport: "" # http://{domain or ip}:{port}, if not empty, Alertmanager output is enabled
 
 elasticsearch:
-  # host_port: "" # http://{domain or ip}:{port}, if not empty, Elasticsearch output is enabled
+  # hostport: "" # http://{domain or ip}:{port}, if not empty, Elasticsearch output is enabled
   # index: "falco" # index (default: falco)
   # type: "event" 

handlers.go

@@ -32,16 +32,16 @@ func mainHandler(w http.ResponseWriter, r *http.Request) {
 		log.Printf("[DEBUG] : Falco's payload : %v", string(body))
 	}
 
-	if config.Slack.Webhook_URL != "" {
+	if config.Slack.WebhookURL != "" {
 		go slackClient.SlackPost(falcopayload)
 	}
-	if config.Datadog.API_Key != "" {
+	if config.Datadog.APIKey != "" {
 		go datadogClient.DatadogPost(falcopayload)
 	}
-	if config.Alertmanager.Host_Port != "" {
+	if config.Alertmanager.HostPort != "" {
 		go alertmanagerClient.AlertmanagerPost(falcopayload)
 	}
-	if config.Elasticsearch.Host_Port != "" {
+	if config.Elasticsearch.HostPort != "" {
 		go elasticsearchClient.ElasticsearchPost(falcopayload)
 	}
 }
@@ -53,9 +53,9 @@ func pingHandler(w http.ResponseWriter, r *http.Request) {
 
 // testHandler sends a test event to all enabled outputs.
 func testHandler(w http.ResponseWriter, r *http.Request) {
-	testEvent := `{"output":"This is a test from falcosidekick","priority":"Debug","rule":"Test rule", "time":"`+time.Now().UTC().Format(time.RFC3339)+`","output_fields": {"proc.name":"falcosidekick","user.name":"falcosidekick"}}`
+	testEvent := `{"output":"This is a test from falcosidekick","priority":"Debug","rule":"Test rule", "time":"`+time.Now().UTC().Format(time.RFC3339)+`","outputfields": {"proc.name":"falcosidekick","user.name":"falcosidekick"}}`
 
-	resp, err := http.Post("http://localhost:"+strconv.Itoa(config.Listen_Port), "application/json", bytes.NewBuffer([]byte(testEvent)))
+	resp, err := http.Post("http://localhost:"+strconv.Itoa(config.ListenPort), "application/json", bytes.NewBuffer([]byte(testEvent)))
 	if err != nil {
 		log.Printf("[DEBUG] : Test Failed. Falcosidekick can't call itself\n")
 	}

main.go

@@ -18,38 +18,38 @@ func init() {
 	config = getConfig()
 
 	enabledOutputsText := "[INFO]  : Enabled Outputs : "
-	if config.Slack.Webhook_URL != "" {
+	if config.Slack.WebhookURL != "" {
 		var err error
-		slackClient, err = outputs.NewClient("Slack", config.Slack.Webhook_URL, config.Debug)
+		slackClient, err = outputs.NewClient("Slack", config.Slack.WebhookURL, config.Debug)
 		if err != nil {
-			config.Slack.Webhook_URL = ""
+			config.Slack.WebhookURL = ""
 		} else {
 			enabledOutputsText += "Slack "
 		}
 	}
-	if config.Datadog.API_Key != "" {
+	if config.Datadog.APIKey != "" {
 		var err error
-		datadogClient, err = outputs.NewClient("Datadog", outputs.DatadogURL+"?api_key="+config.Datadog.API_Key, config.Debug)
+		datadogClient, err = outputs.NewClient("Datadog", outputs.DatadogURL+"?apikey="+config.Datadog.APIKey, config.Debug)
 		if err != nil {
-			config.Datadog.API_Key = ""
+			config.Datadog.APIKey = ""
 		} else {
 			enabledOutputsText += "Datadog "
 		}
 	}
-	if config.Alertmanager.Host_Port != "" {
+	if config.Alertmanager.HostPort != "" {
 		var err error
-		alertmanagerClient, err = outputs.NewClient("AlertManager", config.Alertmanager.Host_Port+outputs.AlertmanagerURI, config.Debug)
+		alertmanagerClient, err = outputs.NewClient("AlertManager", config.Alertmanager.HostPort+outputs.AlertmanagerURI, config.Debug)
 		if err != nil {
-			config.Alertmanager.Host_Port = ""
+			config.Alertmanager.HostPort = ""
 		} else {
 			enabledOutputsText += "AlertManager "
 		}
 	}
-	if config.Elasticsearch.Host_Port != "" {
+	if config.Elasticsearch.HostPort != "" {
 		var err error
-		elasticsearchClient, err = outputs.NewClient("Elasticsearch", config.Elasticsearch.Host_Port+"/"+config.Elasticsearch.Index+"/"+config.Elasticsearch.Type, config.Debug)
+		elasticsearchClient, err = outputs.NewClient("Elasticsearch", config.Elasticsearch.HostPort+"/"+config.Elasticsearch.Index+"/"+config.Elasticsearch.Type, config.Debug)
 		if err != nil {
-			config.Elasticsearch.Host_Port = ""
+			config.Elasticsearch.HostPort = ""
 		} else {
 			enabledOutputsText += "Elasticsearch "
 		}
@@ -63,9 +63,9 @@ func main() {
 	http.HandleFunc("/ping", pingHandler)
 	http.HandleFunc("/test", testHandler)
 
-	log.Printf("[INFO]  : Falco Sidekick is up and listening on port %v\n", config.Listen_Port)
+	log.Printf("[INFO]  : Falco Sidekick is up and listening on port %v\n", config.ListenPort)
 	log.Printf("[INFO]  : Debug mode : %v\n", config.Debug)
-	if err := http.ListenAndServe(":"+strconv.Itoa(config.Listen_Port), nil); err != nil {
+	if err := http.ListenAndServe(":"+strconv.Itoa(config.ListenPort), nil); err != nil {
 		log.Fatalf("[ERROR] : %v\n", err.Error())
 	}
 }

types/types.go

@@ -14,7 +14,7 @@ type FalcoPayload struct {
 }
 
 type Configuration struct {
-	Listen_Port   int
+	ListenPort    int
 	Debug         bool
 	Slack         slackOutputConfig
 	Datadog       datadogOutputConfig
@@ -24,25 +24,25 @@ type Configuration struct {
 
 type slackOutputConfig struct {
 	// Enabled       bool
-	Webhook_URL   string
-	Footer        string
-	Icon          string
-	Output_Format string
+	WebhookURL   string
+	Footer       string
+	Icon         string
+	OutputFormat string
 }
 
 type datadogOutputConfig struct {
 	// Enabled bool
-	API_Key string
+	APIKey string
 }
 
 type alertmanagerOutputConfig struct {
 	// Enabled   bool
-	Host_Port string
+	HostPort string
 }
 
 type elasticsearchOutputConfig struct {
 	// Enabled   bool
-	Host_Port string
-	Index     string
-	Type      string
+	HostPort string
+	Index    string
+	Type     string
 }