From 8eef3dbb8194f97979642d1ff480120d14dbeb57 Mon Sep 17 00:00:00 2001
From: Melissa Kilby
Date: Wed, 15 May 2024 20:01:03 +0000
Subject: [PATCH 1/2] new(engine): add print_enabled_rules_falco_logger when log_level debug
Signed-off-by: Melissa Kilby
---
 userspace/engine/evttype_index_ruleset.cpp | 19 ++++++++++++++++++-
 userspace/engine/evttype_index_ruleset.h | 9 +++++++++
 2 files changed, 27 insertions(+), 1 deletion(-)
diff --git a/userspace/engine/evttype_index_ruleset.cpp b/userspace/engine/evttype_index_ruleset.cpp
index abbe8192186..8c75e89c637 100644
--- a/userspace/engine/evttype_index_ruleset.cpp
+++ b/userspace/engine/evttype_index_ruleset.cpp
@@ -19,6 +19,8 @@ limitations under the License.
 #include "falco_utils.h"
+#include "../falco/logger.h"
+
 #include
 evttype_index_ruleset::evttype_index_ruleset(
@@ -225,7 +227,22 @@ void evttype_index_ruleset::add(
 void evttype_index_ruleset::on_loading_complete()
 {
- // nothing to do for now
+ print_enabled_rules_falco_logger();
+}
+
+void evttype_index_ruleset::print_enabled_rules_falco_logger()
+{
+ falco_logger::log(falco_logger::level::DEBUG, "Enabled rules:\n");
+ for (const auto& ruleset_ptr : m_rulesets)
+ {
+ if (ruleset_ptr)
+ {
+ for (const auto& wrap : ruleset_ptr->get_filters())
+ {
+ falco_logger::log(falco_logger::level::DEBUG, std::string(" ") + wrap->rule.name + "\n");
+ }
+ }
+ }
 }
 void evttype_index_ruleset::clear()
diff --git a/userspace/engine/evttype_index_ruleset.h b/userspace/engine/evttype_index_ruleset.h
index bf7b71a7c3a..01ac4e3000c 100644
--- a/userspace/engine/evttype_index_ruleset.h
+++ b/userspace/engine/evttype_index_ruleset.h
@@ -52,6 +56,10 @@ class evttype_index_ruleset: public filter_ruleset
 void on_loading_complete() override;
+ // Print each enabled rule when running Falco with falco logger
+ // log_level=debug; invoked within on_loading_complete()
+ void print_enabled_rules_falco_logger();
+
 void enable(
 const std::string &pattern,
 match_type match,
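Review bot: The added `#include "../falco/logger.h"` in userspace/engine/evttype_index_ruleset.cpp reaches out of the engine directory into the falco application directory through a relative parent path, so the engine source now appears to depend on application-level code. If the engine is meant to build on its own, this is a layering inversion; exposing the logger's directory through the build's include paths, or leaving the logging to the caller, would keep the dependency pointing one way. Whether other engine files already include this header is not visible in the patch.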
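Review bot: In `print_enabled_rules_falco_logger()` the outer loop walks every entry of `m_rulesets`, but each debug line carries only `wrap->rule.name`, so the output cannot tell which ruleset a rule is enabled in, and a rule present in more than one ruleset is listed once per ruleset. Since this list is what an operator would read to confirm detection coverage, each line should identify its ruleset, for example by keeping a counter next to the loop and logging `"[ruleset " + std::to_string(ruleset_idx) + "] " + wrap->rule.name + "\n"`. The total added to the same loop in patch 2/2 inherits the same ambiguity. The list is also emitted only from `on_loading_complete()`; if `enable()` can be called after loading finishes, the logged set may not match what is in force, which would be worth stating in the comment on the declaration.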
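Review bot: `print_enabled_rules_falco_logger()` is declared without `const` and, judging by the neighbouring `on_loading_complete()` and `enable()` declarations, in the public part of the class, although its comment says it is only invoked from `on_loading_complete()`. The definition in the .cpp only reads `m_rulesets`, so `void print_enabled_rules_falco_logger() const;` under a private access specifier would state the contract more tightly; the definition needs the matching `const`. The class body starts and ends outside this hunk, so the access level is inferred.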
@@ -118,6 +122,11 @@ class evttype_index_ruleset: public filter_ruleset
 uint64_t num_filters();
+ inline const std::set>& get_filters() const
+ {
+ return m_filters;
+ }
+
 // Evaluate an event against the ruleset and return the first rule
 // that matched.
 bool run(sinsp_evt *evt, falco_rule& match);
From 90f05d97884adbfc04e9907a6520948ad2224c90 Mon Sep 17 00:00:00 2001
From: Melissa Kilby
Date: Thu, 16 May 2024 06:52:17 +0000
Subject: [PATCH 2/2] cleanup(engine): print total number of enabled rules
Signed-off-by: Melissa Kilby
---
 userspace/engine/evttype_index_ruleset.cpp | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/userspace/engine/evttype_index_ruleset.cpp b/userspace/engine/evttype_index_ruleset.cpp
index 8c75e89c637..2a88fb10c8d 100644
--- a/userspace/engine/evttype_index_ruleset.cpp
+++ b/userspace/engine/evttype_index_ruleset.cpp
@@ -233,16 +233,19 @@ void evttype_index_ruleset::on_loading_complete()
 void evttype_index_ruleset::print_enabled_rules_falco_logger()
 {
 falco_logger::log(falco_logger::level::DEBUG, "Enabled rules:\n");
+ int n = 0;
 for (const auto& ruleset_ptr : m_rulesets)
 {
 if (ruleset_ptr)
 {
 for (const auto& wrap : ruleset_ptr->get_filters())
 {
+ n++;
 falco_logger::log(falco_logger::level::DEBUG, std::string(" ") + wrap->rule.name + "\n");
 }
 }
 }
+ falco_logger::log(falco_logger::level::DEBUG, "(" + std::to_string(n) + ") enabled rules in total\n");
 }
 void evttype_index_ruleset::clear()
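Review bot: `get_filters()` hands out a reference to the internal `m_filters` set with no comment on its lifetime, and the `inline` keyword is redundant on a member function defined in the class body. A short comment such as `// Read-only view of this ruleset's filters; valid only while the owning object is alive and not modified.` would document the contract, and the declaration can drop `inline`. The enclosing class starts outside the hunk; the call `ruleset_ptr->get_filters()` in the .cpp suggests it is a per-ruleset helper class rather than `evttype_index_ruleset` itself.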
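Review bot: The per-rule string concatenation and the new `std::to_string(n)` summary in `print_enabled_rules_falco_logger()` are evaluated on every load regardless of the configured log level, because `on_loading_complete()` calls the function unconditionally and the arguments are built before `falco_logger::log` can decide to drop them. With large rule sets that is avoidable work; returning early when debug logging is off, if the logger exposes its current level, would remove it. The counter is also a signed `int` incremented by hand; `size_t n` with `n += ruleset_ptr->get_filters().size();` placed outside the inner loop gives the same total without tying the count to the per-rule logging.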