-
I am trying to understand the differences between Falco and tetragon. Let’s say, falco is meant for this and it cannot do this like tetragon. Can I get some help? Kindly try to provide elaborate answe…
-
**Motivation**
Falco currently sends alerts/logs with a predefined set of wrapper fields, some of which are configurable (such as tags, etc.).
For example:
```
{
"hostname": "test-host",
…
-
Hi 👋
We have some false positive alerts on empty events, similar to https://github.com/falcosecurity/falco/issues/3234, https://github.com/falcosecurity/falco/issues/2700 (hope I can help in th…
-
**Describe the bug**
Pn 0.34.x releases we do experience mem leak on physical instances, while the same setup on AWS is fine. It could be due node workload, but still its clear mem leak.
Actuall…
epcim updated
2 weeks ago
-
Refactor and simplify legacy [syscall_event_drops](https://github.com/falcosecurity/falco/blob/40f4ce008ab2b67ef30129036129d121fe7e938d/falco.yaml#L796-L841).
Previous discussion: https://github.co…
-
Container-optimized operating systems forensics need eBPF observability.
(https://sysdig.com/blog/introducing-container-observability-with-ebpf-and-sysdig/)
Sysdig Secure can automatically capture…
-
I am encountering a critical issue while running Falco v0.36.2 as a daemonset on an Openshift cluster (OCP v4.12) with three worker nodes. The problem manifests as a substantial drop rate of events an…
-
**Motivation**
If you have Falco deployed to many clusters across different AWS accounts or Google Cloud Projects it can be challenging to understand what Account/Project, Region, and Cluster this sp…
-
**Motivation**
Currently, Falco traces every supported system call using kernel tracepoints, both in the kernel module and eBPF probe.
This works well, but in some specific cases it can lead to po…
-
## Why this issue?
When Falco is running, a producer (a.k.a the [driver](https://falco.org/docs/event-sources/drivers/)) continuously forwards events to a consumer (the Falco userspace program) wit…
leogr updated
1 month ago