Closed shawndwells closed 3 years ago
Yes. That means installing some container engine and turning the host into a container platform though
On Tue, Apr 20, 2021, 12:57 PM Gabe Alford @.***> wrote:
@.**** commented on this pull request.
In README.md https://github.com/CrowdStrike/detection-container/pull/8#discussion_r616873020 :
@@ -2,22 +2,24 @@
-This container will create detections and preventions on a Linux container protected by a CrowdStrike sensor. +This container will create detections and preventions on a Linux container platform protected by a CrowdStrike sensor.
What do you mean by a Linux container platform? I can run this in the container on a linux host, right?
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/CrowdStrike/detection-container/pull/8#pullrequestreview-640212204, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABLS6WWKA5PTLIHYHQPB7ODTJWW6FANCNFSM43IRCMUA .
Hmm, what really trying to get across is that a Linux container on a windows host won't generate detections yet . Is there a better way to express that?
On Tue, Apr 20, 2021, 1:13 PM Shawn D. Wells @.***> wrote:
Yes. That means installing some container engine and turning the host into a container platform though
On Tue, Apr 20, 2021, 12:57 PM Gabe Alford @.***> wrote:
@.**** commented on this pull request.
In README.md https://github.com/CrowdStrike/detection-container/pull/8#discussion_r616873020 :
@@ -2,22 +2,24 @@
-This container will create detections and preventions on a Linux container protected by a CrowdStrike sensor. +This container will create detections and preventions on a Linux container platform protected by a CrowdStrike sensor.
What do you mean by a Linux container platform? I can run this in the container on a linux host, right?
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/CrowdStrike/detection-container/pull/8#pullrequestreview-640212204, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABLS6WWKA5PTLIHYHQPB7ODTJWW6FANCNFSM43IRCMUA .
What about this?
This container will create detections and preventions only on Linux hosts protected by a CrowdStrike sensor.
Edit:
Can also add: This is not supported on Windows
somewhere
What about this?
This container will create detections and preventions only on Linux hosts protected by a CrowdStrike sensor.
Edit:
Can also add:
This is not supported on Windows
somewhere
But this isn't about Linux hosts (aka virtual machines), it's about Linux container platforms like docker or openshift or coreos
What about this?
This container will create detections and preventions only on Linux hosts protected by a CrowdStrike sensor.
Edit: Can also add:
This is not supported on Windows
somewhereBut this isn't about Linux hosts (aka virtual machines), it's about Linux container platforms like docker or openshift or coreos
What about This container will create detections and preventions only on Linux hosts and container platforms protected by a CrowdStrike sensor.
?
What about this?
This container will create detections and preventions only on Linux hosts protected by a CrowdStrike sensor.
Edit: Can also add:
This is not supported on Windows
somewhereBut this isn't about Linux hosts (aka virtual machines), it's about Linux container platforms like docker or openshift or coreos
What about
This container will create detections and preventions only on Linux hosts and container platforms protected by a CrowdStrike sensor.
?
Clever. Updated.
Thanks! Ack
Creates a table to show what each sample event does