-
The logs here were collected with sysdig, but after running some simple statistics on the data we found a few problems:
1. The logs do not appear to have been exported directly by `sysdig -j`; the trailing `is_warn` field seems to have been added afterwards. What is the basis for this label?
2. The `evt.type` values in the logs are restricted; below are the counts of each syscall type that appears in the logs.
```
# anomaly.json: {'read': 1580869, 'fstat'…
```
-
1. When placing it in the `Application Scripts` folder, remember to grant the **permissions**, otherwise a format-exception error is reported.
2. I guess the author did not provide an execution environment for other paths when invoking the unix script, so only commands under `user/bin` can be used, similar to `execve`? (A full path can be used here for now.)
3. If there is no output, sometimes it is caused by item `2`.
-
**Motivation**
In a sync with my detection and response peers, I was discussing how tools like Falco can drop events during periods of high syscall activity and built-in features (like the syscall …
-
When b3 tries to parse this instruction I get this error:
```
arch_prctl(0x3001 /* ARCH_??? */, 0x7ffe4887f480) = -1 EINVAL (Invalid argument)
```
```
[PARSE ERROR] SyntaxError: Expected [0-9] but "…
```
p8nut updated
4 years ago
-
./termux-fedora.sh uninstall fails with:
```
...
rm: cannot remove '/data/data/com.termux/files/home/fedora/root/.bash_profile': Permission denied
rm: cannot remove '/data/data/com.termux/files/home/…
```
-
On macOS at least (not sure about other OSs), Ctrl-C in the REPL prints an exception before exiting:
```
Exception in thread "main" com.sun.jna.LastErrorException: [5] Input/output error
at com.sun…
```
-
We need to get the arguments from `evt.info` for the event `evt.type:execve`.
However, the output format of `args` in `evt.info` is something like `chmod.+x.index.html.download`. Namely the delimi…
-
On NixOS this package is completely useless and also sabotages the usage of other packages that depend on it to function.
```
$ wger bootstrap
Traceback (most recent call last):
File "/home/wg…
```
-
### Describe the bug
The "Show REAPER resource path in finder/explorer" button under Options does not launch a file manager.
### Steps To Reproduce
Steps to reproduce the behavior:
1. Open a Rea…
-
Hi Team,
Is there any way to override `KIND_EXPERIMENTAL_PROVIDER` or set the provider using a CLI flag?
I think a global `--provider` flag would be helpful for such scenarios, especially when invoki…