-
**Motivation**
**Feature**
Can we please rename this project to `falco-rules-operator` so that we can use this name for an officially supported install operator?
**Alternatives**
K…
-
Proposing to follow common and standard Program Argument Syntax Conventions for Falco's CLI options, for example see this [resource](https://www.gnu.org/software/libc/manual/html_node/Argument-Syntax.…
-
Hello Falco team,
During evaluating Falco on different managed k8s clusters, my team and I observed some unexpected behaviour.
**Describe the bug**
On AKS k8s cluster, generated alerts are ra…
-
Help us understand your request (check below):
- [ ] search or data request (help with SQL or provide the specific fields you are trying to retrieve for your collection)
- [ ] add a new Github user …
-
**Motivation**
Falco is great. I want Falco. But I also want to run the workload using a sandboxed runtime like kata containers. I hate choosing; I want both things.
**Feature**
It'd be aweso…
-
I was trying to have [Falco](https://github.com/falcosecurity/falco) running on Photon OS with linux-esx kernel but it can't work because of the esx kernel config.
```
root@photon-1d270acad7c [ ~ …
-
When I build the /usr/share/falco/plugins/libdocker.so, and I use the command falco -c /etc/falco/falco.yaml -r /etc/falco/rules.yaml to trigger falco, the system break down with:
Sat Jan 7 09:17:17…
-
Explore options to augment the Rules Overview Doc https://falcosecurity.github.io/rules/ based on the new "falco rules mitre checker module", see https://github.com/falcosecurity/rules/pull/181
CC …
-
**What to document**
We are happy to answer questions related to Falco + eBPF you may have.
The purpose of this issue is to answer questions about the underlying kernel driver technology maintai…
-
Hello,
My team and I have recently encountered an issue where alerts triggered by the "Privileged Shell Spawned in Container" rule are missing container-related details.
Example of Alert Output:…