-
Falco enforces upper limits on variable length strings for kernel signals such as cmd args, process environment variables or file names and paths. The primary motivation is to ensure stability in term…
-
**Motivation**
Support bitmap to access non-init namespaces threads via filterchecks.
The concept of pid namespaces etc extends beyond the concept of containers in libsinsp. Adding these new capab…
-
I am building sysdig v0.30.1 from source on Ubuntu 20.04/10.04 x86_64.
Tried to enable Tests through cmake as
`cmake -DCREATE_TEST_TARGETS=ON -DSYSDIG_VERSION=0.30.0 ..`
However build fails (make) …
-
**Motivation**
I want to make a custom extractor plugin to extend some field in the syscall events, just like some file stats .
So can I use 'syscall' source in my custom extractor plugin?
*…
-
Hello.
I downloaded the last version from the GitHub and try to build it in OBS. So, I got an error:
> [ 91s] cd /home/abuild/rpmbuild/BUILD/sysdig-0.22.0/build/userspace/libsinsp && /usr/bin/…
-
Hello. There's a bug in the build system: DSO tags for `libscap-event-schema.so` are set twice, but never for `libdriver-event-schema.so`. There should be one for each. I'm the Debian maintainer, and …
-
If I use the following command, I'm getting all container events as expected:
```
sysdig container.id=00f372b35933
```
However, if I use
```
sysdig container.id=00f372b35933e9c8d1020bc39994923…
-
**Context / Bigger Picture**
Thanks to @Happy-Dude feedback realized to perhaps first set the stage, please consider reading https://github.com/falcosecurity/falco/issues/2433#issuecomment-14476209…
-
Right now these libraries are very powerful but are hard to vendor and propose changes to without getting the `sysdig` CLI tool involved. By having independent versions of the libraries in independent…
-
**Motivation**
The plugin system has been launched with the intention of extending the libraries by accessing a controlled subset of their capabilities. Currently, the plugin API only allows implem…