[CWS] remove hostname fetching logic from rule filter model

paulcacheux · paulcacheux · commit 3bc98a6caf65 · 2026-01-24T08:52:46.000+01:00
diff --git a/cmd/system-probe/modules/eventmonitor.go b/cmd/system-probe/modules/eventmonitor.go
@@ -64,7 +64,7 @@ func createEventMonitorModule(_ *sysconfigtypes.Config, deps module.FactoryDepen
 	}
 
 	if secconfig.RuntimeSecurity.IsRuntimeEnabled() {
-		cws, err := secmodule.NewCWSConsumer(evm, secconfig.RuntimeSecurity, deps.WMeta, deps.FilterStore, secmoduleOpts, deps.Compression, deps.Ipc)
+		cws, err := secmodule.NewCWSConsumer(evm, secconfig.RuntimeSecurity, deps.WMeta, deps.FilterStore, hostname, secmoduleOpts, deps.Compression, deps.Ipc)
 		if err != nil {
 			return nil, err
 		}
diff --git a/pkg/compliance/agent.go b/pkg/compliance/agent.go
@@ -21,7 +21,6 @@ import (
 
 	"github.com/shirou/gopsutil/v4/process"
 
-	ipc "github.com/DataDog/datadog-agent/comp/core/ipc/def"
 	workloadfilter "github.com/DataDog/datadog-agent/comp/core/workloadfilter/def"
 	workloadmeta "github.com/DataDog/datadog-agent/comp/core/workloadmeta/def"
 	"github.com/DataDog/datadog-agent/pkg/compliance/aptconfig"
@@ -115,7 +114,7 @@ type Agent struct {
 	telemetrySender telemetry.SimpleTelemetrySender
 	wmeta           workloadmeta.Component
 	filterStore     workloadfilter.Component
-	ipc             ipc.Component
+	hostname        string
 	opts            AgentOptions
 
 	telemetry  *telemetry.ContainersTelemetry
@@ -139,7 +138,7 @@ var seclRuleFilterError error
 // MakeDefaultRuleFilter implements the default filtering of benchmarks' rules. It
 // will exclude rules based on the evaluation context / environment running
 // the benchmark.
-func MakeDefaultRuleFilter(ipc ipc.Component) RuleFilter {
+func MakeDefaultRuleFilter(hostname string) RuleFilter {
 	isK8s := env.IsKubernetes()
 	xccdfEnabled := xccdfEnabled()
 
@@ -158,7 +157,7 @@ func MakeDefaultRuleFilter(ipc ipc.Component) RuleFilter {
 		}
 		if len(r.Filters) > 0 {
 			initSECRulerFilter.Do(func() {
-				seclRuleFilterValue, seclRuleFilterError = newSECLRuleFilter(ipc)
+				seclRuleFilterValue, seclRuleFilterError = newSECLRuleFilter(hostname)
 			})
 			if seclRuleFilterError != nil {
 				log.Errorf("failed to apply rule filters: %s", seclRuleFilterError)
@@ -179,7 +178,7 @@ func MakeDefaultRuleFilter(ipc ipc.Component) RuleFilter {
 }
 
 // NewAgent returns a new compliance agent.
-func NewAgent(telemetrySender telemetry.SimpleTelemetrySender, wmeta workloadmeta.Component, ipc ipc.Component, filterStore workloadfilter.Component, opts AgentOptions) *Agent {
+func NewAgent(telemetrySender telemetry.SimpleTelemetrySender, wmeta workloadmeta.Component, filterStore workloadfilter.Component, hostname string, opts AgentOptions) *Agent {
 	if opts.ConfigDir == "" {
 		panic("compliance: missing agent configuration directory")
 	}
@@ -195,7 +194,7 @@ func NewAgent(telemetrySender telemetry.SimpleTelemetrySender, wmeta workloadmet
 	if opts.CheckIntervalLowPriority <= 0 {
 		opts.CheckIntervalLowPriority = defaultCheckIntervalLowPriority
 	}
-	defaultRuleFilter := MakeDefaultRuleFilter(ipc)
+	defaultRuleFilter := MakeDefaultRuleFilter(hostname)
 	if ruleFilter := opts.RuleFilter; ruleFilter != nil {
 		opts.RuleFilter = func(r *Rule) bool { return defaultRuleFilter(r) && ruleFilter(r) }
 	} else {
@@ -205,7 +204,7 @@ func NewAgent(telemetrySender telemetry.SimpleTelemetrySender, wmeta workloadmet
 		telemetrySender: telemetrySender,
 		wmeta:           wmeta,
 		filterStore:     filterStore,
-		ipc:             ipc,
+		hostname:        hostname,
 		opts:            opts,
 		statuses:        make(map[string]*CheckStatus),
 	}
@@ -424,7 +423,7 @@ func (a *Agent) runKubernetesConfigurationsExport(ctx context.Context) {
 }
 
 func (a *Agent) runAptConfigurationExport(ctx context.Context) {
-	seclRuleFilter, err := newSECLRuleFilter(a.ipc)
+	seclRuleFilter, err := newSECLRuleFilter(a.hostname)
 	if err != nil {
 		log.Errorf("failed to run apt configuration export: %v", err)
 		return
diff --git a/pkg/compliance/cli/check.go b/pkg/compliance/cli/check.go
@@ -115,7 +115,7 @@ func RunCheck(log log.Component, config config.Component, _ secrets.Component, s
 	} else if checkArgs.Framework != "" {
 		benchDir, benchGlob = configDir, checkArgs.Framework+".yaml"
 	} else {
-		ruleFilter = compliance.MakeDefaultRuleFilter(ipc)
+		ruleFilter = compliance.MakeDefaultRuleFilter(hname)
 		benchDir, benchGlob = configDir, "*.yaml"
 	}
 
diff --git a/pkg/compliance/compliance.go b/pkg/compliance/compliance.go
@@ -78,7 +78,7 @@ func StartCompliance(log log.Component,
 	reporter := NewLogReporter(hostname, "compliance-agent", "compliance", endpoints, context, compression)
 	telemetrySender := telemetry.NewSimpleTelemetrySenderFromStatsd(statsdClient)
 
-	agent := NewAgent(telemetrySender, wmeta, ipc, filterStore, AgentOptions{
+	agent := NewAgent(telemetrySender, wmeta, filterStore, hostname, AgentOptions{
 		ResolverOptions:               resolverOptions,
 		ConfigDir:                     configDir,
 		Reporter:                      reporter,
diff --git a/pkg/compliance/rulefilter.go b/pkg/compliance/rulefilter.go
@@ -11,7 +11,6 @@ package compliance
 import (
 	"fmt"
 
-	ipc "github.com/DataDog/datadog-agent/comp/core/ipc/def"
 	"github.com/DataDog/datadog-agent/pkg/security/rules/filtermodel"
 	"github.com/DataDog/datadog-agent/pkg/security/secl/rules/filter"
 )
@@ -22,9 +21,9 @@ type seclRuleFilter struct {
 }
 
 // newSECLRuleFilter returns a new agent version based rule filter
-func newSECLRuleFilter(ipc ipc.Component) (*seclRuleFilter, error) {
+func newSECLRuleFilter(hostname string) (*seclRuleFilter, error) {
 	cfg := filtermodel.RuleFilterEventConfig{}
-	model, err := filtermodel.NewRuleFilterModel(cfg, ipc)
+	model, err := filtermodel.NewRuleFilterModel(cfg, hostname)
 	if err != nil {
 		return nil, fmt.Errorf("failed to create default SECL rule filter: %w", err)
 	}
diff --git a/pkg/security/module/cws.go b/pkg/security/module/cws.go
@@ -73,7 +73,7 @@ type CWSConsumer struct {
 }
 
 // NewCWSConsumer initializes the module with options
-func NewCWSConsumer(evm *eventmonitor.EventMonitor, cfg *config.RuntimeSecurityConfig, wmeta workloadmeta.Component, filterStore workloadfilter.Component, opts Opts, compression compression.Component, ipc ipc.Component) (*CWSConsumer, error) {
+func NewCWSConsumer(evm *eventmonitor.EventMonitor, cfg *config.RuntimeSecurityConfig, wmeta workloadmeta.Component, filterStore workloadfilter.Component, hostname string, opts Opts, compression compression.Component, ipc ipc.Component) (*CWSConsumer, error) {
 	crtelemcfg := telemetry.ContainersRunningTelemetryConfig{
 		RuntimeEnabled: cfg.RuntimeEnabled,
 		FIMEnabled:     cfg.FIMEnabled,
@@ -134,7 +134,7 @@ func NewCWSConsumer(evm *eventmonitor.EventMonitor, cfg *config.RuntimeSecurityC
 		listeners = append(listeners, selfTester)
 	}
 
-	c.ruleEngine, err = rulesmodule.NewRuleEngine(evm, cfg, evm.Probe, c.rateLimiter, c.apiServer, c, c.statsdClient, ipc, listeners...)
+	c.ruleEngine, err = rulesmodule.NewRuleEngine(evm, cfg, evm.Probe, c.rateLimiter, c.apiServer, c, c.statsdClient, hostname, ipc, listeners...)
 	if err != nil {
 		return nil, err
 	}
diff --git a/pkg/security/rules/engine.go b/pkg/security/rules/engine.go
@@ -69,6 +69,7 @@ type RuleEngine struct {
 	pid              uint32
 	wg               sync.WaitGroup
 	ipc              ipc.Component
+	hostname         string
 
 	// userspace filtering metrics (avoid statsd calls in event hot path)
 	noMatchCounters []atomic.Uint64
@@ -82,7 +83,7 @@ type APIServer interface {
 }
 
 // NewRuleEngine returns a new rule engine
-func NewRuleEngine(evm *eventmonitor.EventMonitor, config *config.RuntimeSecurityConfig, probe *probe.Probe, rateLimiter *events.RateLimiter, apiServer APIServer, sender events.EventSender, statsdClient statsd.ClientInterface, ipc ipc.Component, rulesetListeners ...rules.RuleSetListener) (*RuleEngine, error) {
+func NewRuleEngine(evm *eventmonitor.EventMonitor, config *config.RuntimeSecurityConfig, probe *probe.Probe, rateLimiter *events.RateLimiter, apiServer APIServer, sender events.EventSender, statsdClient statsd.ClientInterface, hostname string, ipc ipc.Component, rulesetListeners ...rules.RuleSetListener) (*RuleEngine, error) {
 	engine := &RuleEngine{
 		probe:            probe,
 		config:           config,
@@ -96,6 +97,7 @@ func NewRuleEngine(evm *eventmonitor.EventMonitor, config *config.RuntimeSecurit
 		statsdClient:     statsdClient,
 		rulesetListeners: rulesetListeners,
 		pid:              utils.Getpid(),
+		hostname:         hostname,
 		ipc:              ipc,
 	}
 
@@ -168,7 +170,7 @@ func (e *RuleEngine) Start(ctx context.Context, reloadChan <-chan struct{}) erro
 		COREEnabled: e.probe.Config.Probe.EnableCORE,
 		Origin:      e.probe.Origin(),
 	}
-	ruleFilterModel, err := filtermodel.NewRuleFilterModel(rfmCfg, e.ipc)
+	ruleFilterModel, err := filtermodel.NewRuleFilterModel(rfmCfg, e.hostname)
 	if err != nil {
 		return fmt.Errorf("failed to create rule filter: %w", err)
 	}
diff --git a/pkg/security/rules/filtermodel/rule_filters_model.go b/pkg/security/rules/filtermodel/rule_filters_model.go
@@ -9,9 +9,7 @@ package filtermodel
 import (
 	"reflect"
 
-	ipc "github.com/DataDog/datadog-agent/comp/core/ipc/def"
 	"github.com/DataDog/datadog-agent/pkg/security/secl/compiler/eval"
-	"github.com/DataDog/datadog-agent/pkg/security/utils/hostnameutils"
 )
 
 // RuleFilterEventConfig holds the config used by the rule filter event
@@ -68,11 +66,3 @@ func (m *RuleFilterModel) ValidateRule(_ *eval.Rule) error {
 func (m *RuleFilterModel) GetFieldRestrictions(_ eval.Field) []eval.EventType {
 	return nil
 }
-
-func getHostname(ipcComp ipc.Component) string {
-	hostname, err := hostnameutils.GetHostname(ipcComp)
-	if err != nil || hostname == "" {
-		hostname = "unknown"
-	}
-	return hostname
-}
diff --git a/pkg/security/rules/filtermodel/rule_filters_model_linux.go b/pkg/security/rules/filtermodel/rule_filters_model_linux.go
@@ -12,52 +12,52 @@ import (
 	"os"
 	"runtime"
 
-	ipc "github.com/DataDog/datadog-agent/comp/core/ipc/def"
 	"github.com/DataDog/datadog-agent/pkg/security/ebpf/kernel"
 	"github.com/DataDog/datadog-agent/pkg/security/secl/compiler/eval"
 )
 
 // RuleFilterEvent defines a rule filter event
 type RuleFilterEvent struct {
-	kv  *kernel.Version
-	cfg RuleFilterEventConfig
-	ipc ipc.Component
+	kv       *kernel.Version
+	cfg      RuleFilterEventConfig
+	hostname string
 }
 
 // RuleFilterModel defines a filter model
 type RuleFilterModel struct {
-	kv  *kernel.Version
-	cfg RuleFilterEventConfig
-	ipc ipc.Component
+	kv       *kernel.Version
+	cfg      RuleFilterEventConfig
+	hostname string
 }
 
 // NewRuleFilterModel returns a new rule filter model
-func NewRuleFilterModel(cfg RuleFilterEventConfig, ipc ipc.Component) (*RuleFilterModel, error) {
+func NewRuleFilterModel(cfg RuleFilterEventConfig, hostname string) (*RuleFilterModel, error) {
 	kv, err := kernel.NewKernelVersion()
 	if err != nil {
 		return nil, err
 	}
 	return &RuleFilterModel{
-		kv:  kv,
-		cfg: cfg,
-		ipc: ipc,
+		kv:       kv,
+		cfg:      cfg,
+		hostname: hostname,
 	}, nil
 }
 
 // NewRuleFilterModelWithKernelVersion returns a new rule filter model
-func NewRuleFilterModelWithKernelVersion(cfg RuleFilterEventConfig, kv *kernel.Version) *RuleFilterModel {
+func NewRuleFilterModelWithKernelVersion(cfg RuleFilterEventConfig, kv *kernel.Version, hostname string) *RuleFilterModel {
 	return &RuleFilterModel{
-		kv:  kv,
-		cfg: cfg,
+		kv:       kv,
+		cfg:      cfg,
+		hostname: hostname,
 	}
 }
 
 // NewEvent returns a new event
 func (m *RuleFilterModel) NewEvent() eval.Event {
 	return &RuleFilterEvent{
-		kv:  m.kv,
-		cfg: m.cfg,
-		ipc: m.ipc,
+		kv:       m.kv,
+		cfg:      m.cfg,
+		hostname: m.hostname,
 	}
 }
 
@@ -204,7 +204,7 @@ func (m *RuleFilterModel) GetEvaluator(field eval.Field, _ eval.RegisterID, _ in
 		}, nil
 	case "hostname":
 		return &eval.StringEvaluator{
-			Value: getHostname(m.ipc),
+			Value: m.hostname,
 			Field: field,
 		}, nil
 	case "kernel.core.enabled":
@@ -283,7 +283,7 @@ func (e *RuleFilterEvent) GetFieldValue(field eval.Field) (interface{}, error) {
 	case "origin":
 		return e.cfg.Origin, nil
 	case "hostname":
-		return getHostname(e.ipc), nil
+		return e.hostname, nil
 	case "kernel.core.enabled":
 		return e.cfg.COREEnabled && e.kv.SupportCORE(), nil
 	}
diff --git a/pkg/security/rules/filtermodel/rule_filters_model_other.go b/pkg/security/rules/filtermodel/rule_filters_model_other.go
@@ -12,35 +12,34 @@ import (
 	"os"
 	"runtime"
 
-	ipc "github.com/DataDog/datadog-agent/comp/core/ipc/def"
 	"github.com/DataDog/datadog-agent/pkg/security/secl/compiler/eval"
 )
 
 // RuleFilterEvent represents a rule filtering event
 type RuleFilterEvent struct {
-	cfg RuleFilterEventConfig
-	ipc ipc.Component
+	cfg      RuleFilterEventConfig
+	hostname string
 }
 
 // RuleFilterModel represents a rule fitlering model
 type RuleFilterModel struct {
-	cfg RuleFilterEventConfig
-	ipc ipc.Component
+	cfg      RuleFilterEventConfig
+	hostname string
 }
 
 // NewRuleFilterModel returns a new rule filtering model
-func NewRuleFilterModel(cfg RuleFilterEventConfig, ipc ipc.Component) (*RuleFilterModel, error) {
+func NewRuleFilterModel(cfg RuleFilterEventConfig, hostname string) (*RuleFilterModel, error) {
 	return &RuleFilterModel{
-		cfg: cfg,
-		ipc: ipc,
+		cfg:      cfg,
+		hostname: hostname,
 	}, nil
 }
 
 // NewEvent returns a new rule filtering event
 func (m *RuleFilterModel) NewEvent() eval.Event {
 	return &RuleFilterEvent{
-		cfg: m.cfg,
-		ipc: m.ipc,
+		cfg:      m.cfg,
+		hostname: m.hostname,
 	}
 }
 
@@ -83,7 +82,7 @@ func (m *RuleFilterModel) GetEvaluator(field eval.Field, _ eval.RegisterID, _ in
 		}, nil
 	case "hostname":
 		return &eval.StringEvaluator{
-			Value: getHostname(m.ipc),
+			Value: m.hostname,
 			Field: field,
 		}, nil
 	}
@@ -112,7 +111,7 @@ func (e *RuleFilterEvent) GetFieldValue(field eval.Field) (interface{}, error) {
 	case "origin":
 		return e.cfg.Origin, nil
 	case "hostname":
-		return getHostname(e.ipc), nil
+		return e.hostname, nil
 	}
 
 	return nil, &eval.ErrFieldNotFound{Field: field}
diff --git a/pkg/security/rules/filtermodel/rule_filters_model_test.go b/pkg/security/rules/filtermodel/rule_filters_model_test.go
@@ -25,7 +25,7 @@ func TestSECLRuleFilter(t *testing.T) {
 		Code:         kernel.Kernel5_9,
 	}
 
-	m := NewRuleFilterModelWithKernelVersion(RuleFilterEventConfig{}, kv)
+	m := NewRuleFilterModelWithKernelVersion(RuleFilterEventConfig{}, kv, "functional_tests_host")
 	seclRuleFilter := rules.NewSECLRuleFilter(m)
 
 	t.Run("true", func(t *testing.T) {
diff --git a/pkg/security/tests/module_tester_linux.go b/pkg/security/tests/module_tester_linux.go
@@ -817,7 +817,7 @@ func newTestModule(t testing.TB, macroDefs []*rules.MacroDefinition, ruleDefs []
 		msgSender := newFakeMsgSender(testMod)
 
 		compression := logscompression.NewComponent()
-		cws, err := module.NewCWSConsumer(testMod.eventMonitor, secconfig.RuntimeSecurity, nil, mockFilterStore, module.Opts{EventSender: testMod, MsgSender: msgSender}, compression, ipcComp)
+		cws, err := module.NewCWSConsumer(testMod.eventMonitor, secconfig.RuntimeSecurity, nil, mockFilterStore, "functional_tests_host", module.Opts{EventSender: testMod, MsgSender: msgSender}, compression, ipcComp)
 		if err != nil {
 			return nil, fmt.Errorf("failed to create module: %w", err)
 		}
diff --git a/pkg/security/tests/module_tester_windows.go b/pkg/security/tests/module_tester_windows.go
@@ -180,7 +180,7 @@ func newTestModule(t testing.TB, macroDefs []*rules.MacroDefinition, ruleDefs []
 	var ruleSetloadedErr *multierror.Error
 	if !opts.staticOpts.disableRuntimeSecurity {
 		compression := logscompression.NewComponent()
-		cws, err := module.NewCWSConsumer(testMod.eventMonitor, secconfig.RuntimeSecurity, nil, mockFilterStore, module.Opts{EventSender: testMod}, compression, ipcComp)
+		cws, err := module.NewCWSConsumer(testMod.eventMonitor, secconfig.RuntimeSecurity, nil, mockFilterStore, "functional_tests_host", module.Opts{EventSender: testMod}, compression, ipcComp)
 		if err != nil {
 			return nil, fmt.Errorf("failed to create module: %w", err)
 		}

Original file line number	Diff line number	Diff line change
`@@ -64,7 +64,7 @@ func createEventMonitorModule(_ *sysconfigtypes.Config, deps module.FactoryDepen`
`64`	`64`	`}`
`65`	`65`
`66`	`66`	`if secconfig.RuntimeSecurity.IsRuntimeEnabled() {`
`67`		`- cws, err := secmodule.NewCWSConsumer(evm, secconfig.RuntimeSecurity, deps.WMeta, deps.FilterStore, secmoduleOpts, deps.Compression, deps.Ipc)`
	`67`	`+ cws, err := secmodule.NewCWSConsumer(evm, secconfig.RuntimeSecurity, deps.WMeta, deps.FilterStore, hostname, secmoduleOpts, deps.Compression, deps.Ipc)`
`68`	`68`	`if err != nil {`
`69`	`69`	`return nil, err`
`70`	`70`	`}`
Original file line number	Diff line number	Diff line change
`@@ -115,7 +115,7 @@ func RunCheck(log log.Component, config config.Component, _ secrets.Component, s`
`115`	`115`	`} else if checkArgs.Framework != "" {`
`116`	`116`	`benchDir, benchGlob = configDir, checkArgs.Framework+".yaml"`
`117`	`117`	`} else {`
`118`		`- ruleFilter = compliance.MakeDefaultRuleFilter(ipc)`
	`118`	`+ ruleFilter = compliance.MakeDefaultRuleFilter(hname)`
`119`	`119`	`benchDir, benchGlob = configDir, "*.yaml"`
`120`	`120`	`}`
`121`	`121`
Original file line number	Diff line number	Diff line change
`@@ -11,7 +11,6 @@ package compliance`
`11`	`11`	`import (`
`12`	`12`	`"fmt"`
`13`	`13`
`14`		`- ipc "github.com/DataDog/datadog-agent/comp/core/ipc/def"`
`15`	`14`	`"github.com/DataDog/datadog-agent/pkg/security/rules/filtermodel"`
`16`	`15`	`"github.com/DataDog/datadog-agent/pkg/security/secl/rules/filter"`
`17`	`16`	`)`
`@@ -22,9 +21,9 @@ type seclRuleFilter struct {`
`22`	`21`	`}`
`23`	`22`
`24`	`23`	`// newSECLRuleFilter returns a new agent version based rule filter`
`25`		`-func newSECLRuleFilter(ipc ipc.Component) (*seclRuleFilter, error) {`
	`24`	`+func newSECLRuleFilter(hostname string) (*seclRuleFilter, error) {`
`26`	`25`	`cfg := filtermodel.RuleFilterEventConfig{}`
`27`		`- model, err := filtermodel.NewRuleFilterModel(cfg, ipc)`
	`26`	`+ model, err := filtermodel.NewRuleFilterModel(cfg, hostname)`
`28`	`27`	`if err != nil {`
`29`	`28`	`return nil, fmt.Errorf("failed to create default SECL rule filter: %w", err)`
`30`	`29`	`}`
Original file line number	Diff line number	Diff line change
`@@ -73,7 +73,7 @@ type CWSConsumer struct {`
`73`	`73`	`}`
`74`	`74`
`75`	`75`	`// NewCWSConsumer initializes the module with options`
`76`		`-func NewCWSConsumer(evm eventmonitor.EventMonitor, cfg config.RuntimeSecurityConfig, wmeta workloadmeta.Component, filterStore workloadfilter.Component, opts Opts, compression compression.Component, ipc ipc.Component) (*CWSConsumer, error) {`
	`76`	`+func NewCWSConsumer(evm eventmonitor.EventMonitor, cfg config.RuntimeSecurityConfig, wmeta workloadmeta.Component, filterStore workloadfilter.Component, hostname string, opts Opts, compression compression.Component, ipc ipc.Component) (*CWSConsumer, error) {`
`77`	`77`	`crtelemcfg := telemetry.ContainersRunningTelemetryConfig{`
`78`	`78`	`RuntimeEnabled: cfg.RuntimeEnabled,`
`79`	`79`	`FIMEnabled: cfg.FIMEnabled,`
`@@ -134,7 +134,7 @@ func NewCWSConsumer(evm eventmonitor.EventMonitor, cfg config.RuntimeSecurityC`
`134`	`134`	`listeners = append(listeners, selfTester)`
`135`	`135`	`}`
`136`	`136`
`137`		`- c.ruleEngine, err = rulesmodule.NewRuleEngine(evm, cfg, evm.Probe, c.rateLimiter, c.apiServer, c, c.statsdClient, ipc, listeners...)`
	`137`	`+ c.ruleEngine, err = rulesmodule.NewRuleEngine(evm, cfg, evm.Probe, c.rateLimiter, c.apiServer, c, c.statsdClient, hostname, ipc, listeners...)`
`138`	`138`	`if err != nil {`
`139`	`139`	`return nil, err`
`140`	`140`	`}`