-
### Is there an existing issue for this?
- [X] I have searched the existing issues
### Is your feature request related to a problem?
As a security team, we want to know users' activities on a…
ycaoT updated
6 months ago
-
# Describe the feature
For audit purpose, it would nice to keep history of Tenants policy violations.
Just tracking events as for #289 could be not enough since events are lost after a while.
-
## User Story
In order to meet SI-3, data.gov security wants all Falco logs to be collected in CloudWatch.
## Acceptance Criteria
[ACs should be clearly demoable/verifiable whenever possible.…
-
**What to document**
Current docs state that Datadog events can be filtered by `sources:falco`: https://github.com/falcosecurity/falcosidekick/blob/2.29.0/docs/outputs/datadog.md?plain=1#L37
Unf…
-
**Motivation**
Falco would like to partner with https://github.com/cncf/tag-env-sustainability in order to improve Falco's efficiency (reduce compute overhead and resolve resource constraints limit…
-
**Describe the bug**
If we install the latest Version of `falcosecurity/falco` Chart with a custom `ImagePullSecrets` we got a different rendering behavior from the Sidekick Subcharts.
**How to …
-
After upgrading to falco 0.38.0 some k8s specific fields are not pupulated any more. E.g. k8s.ns.name amd k8s.pod.name.
Enviroment ist k8s 1.28.6 with the following runtime components:
* dock…
-
Hello,
I have created an issue for an integration with Falco for ECS recently, facing a similar issue with integration of Falco with AWS FireLens for EKS.
The K8s config files for Firelens locate…
-
Disclaimer: We will use the term “k8s user” to refer to the Kubernetes control plane “user” (human or serviceaccount) who makes API calls. This user is different from the traditional Linux users and s…
-
http_output must have compression, batching and keep_alive options.
This is relevant in HighLoad installations and without a falcosidekick in each k8s cluster.