-
**Describe the bug**
Some days ago we faced this strange thing in the PR regarding e2e tests (https://github.com/falcosecurity/libs/pull/967#discussion_r1133483599).
The question was, why the mode…
-
**Motivation**
Currently, Falco traces every supported system call using kernel tracepoints, both in the kernel module and eBPF probe.
This works well, but in some specific cases it can lead to po…
-
**Describe the bug**
Hi,
I was able to collect the Falco metrics with Grafana Alloy and forward them to my Grafana Cloud account:
I'm noticing anyway some issues with the metrics.
Firs…
-
Hi. I'm the Debian maintainer for sysdig. For the last few releases of sysdig chisels no longer work. Each one throws a lua error when trying to use the global `sysdig` variable. Something like this:
…
-
**Describe the bug**
We recently upgraded from `0.36.2` to `0.38.0` and noticed some of our custom rules were not evaluating the same as previously. I narrowed it down to one specific macro…
-
**Motivation**
When capturing syscalls, we capture all data including sensitive information that should be removed prior to forwarding to a central registry. There is no filter to exclude or redact p…
-
**Describe the bug**
Pn 0.34.x releases we do experience mem leak on physical instances, while the same setup on AWS is fine. It could be due node workload, but still its clear mem leak.
Actuall…
epcim updated
1 month ago
-
**Describe the bug**
The Falco libs use the `/proc` filesystem to retrieve information about processes when they start up. However, if a thread, during its lifecycle, changes its name using a `prct…
-
Hello,
This is not supported yet, but I'm working on a CMake patch to make it possible. Currently I encounter the following error, which I'll investigate later:
```
[ 3%] Building CXX object …
-
**Describe the bug**
We keep getting alerts that have fields with `NA` and `null` values. Specifically, this causes false positives for the `Non sudo setuid` and `Redirect STDOUT
/STDIN to N…