CrowdStrike / detection-container

https://quay.io/repository/crowdstrike/detection-container
The Unlicense

Update README #8

Closed shawndwells closed 3 years ago

shawndwells commented 3 years ago

Creates a table to show what each sample event does

shawndwells commented 3 years ago

Yes. That means installing some container engine and turning the host into a container platform though

On Tue, Apr 20, 2021, 12:57 PM Gabe Alford @.***> wrote:

@.**** commented on this pull request.

In README.md https://github.com/CrowdStrike/detection-container/pull/8#discussion_r616873020 :

@@ -2,22 +2,24 @@

Container Repository on Quay

-This container will create detections and preventions on a Linux container protected by a CrowdStrike sensor. +This container will create detections and preventions on a Linux container platform protected by a CrowdStrike sensor.
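Review bot: The added line's "Linux container platform" is not defined anywhere in this hunk, so a reader cannot tell whether a plain Linux host running a container engine qualifies. Consider naming the supported environments in the sentence itself, or following it with a short line stating which host and container engine combinations are expected to produce detections and which are not.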

What do you mean by a Linux container platform? I can run this in the container on a linux host, right?


shawndwells commented 3 years ago

Hmm, what I'm really trying to get across is that a Linux container on a Windows host won't generate detections yet. Is there a better way to express that?

On Tue, Apr 20, 2021, 1:13 PM Shawn D. Wells @.***> wrote:

Yes. That means installing some container engine and turning the host into a container platform though

On Tue, Apr 20, 2021, 12:57 PM Gabe Alford @.***> wrote:

@.**** commented on this pull request.

In README.md https://github.com/CrowdStrike/detection-container/pull/8#discussion_r616873020 :

@@ -2,22 +2,24 @@

Container Repository on Quay

-This container will create detections and preventions on a Linux container protected by a CrowdStrike sensor. +This container will create detections and preventions on a Linux container platform protected by a CrowdStrike sensor.

What do you mean by a Linux container platform? I can run this in the container on a linux host, right?


redhatrises commented 3 years ago

What about this?

This container will create detections and preventions only on Linux hosts protected by a CrowdStrike sensor.

Edit:

Can also add: This is not supported on Windows somewhere

shawndwells commented 3 years ago

> What about this?
>
> This container will create detections and preventions only on Linux hosts protected by a CrowdStrike sensor.
>
> Edit:
>
> Can also add: This is not supported on Windows somewhere

But this isn't about Linux hosts (aka virtual machines), it's about Linux container platforms like docker or openshift or coreos

redhatrises commented 3 years ago

> > What about this?
> >
> > This container will create detections and preventions only on Linux hosts protected by a CrowdStrike sensor.
> >
> > Edit: Can also add: This is not supported on Windows somewhere
>
> But this isn't about Linux hosts (aka virtual machines), it's about Linux container platforms like docker or openshift or coreos

What about This container will create detections and preventions only on Linux hosts and container platforms protected by a CrowdStrike sensor.?

shawndwells commented 3 years ago

> > > What about this?
> > >
> > > This container will create detections and preventions only on Linux hosts protected by a CrowdStrike sensor.
> > >
> > > Edit: Can also add: This is not supported on Windows somewhere
> >
> > But this isn't about Linux hosts (aka virtual machines), it's about Linux container platforms like docker or openshift or coreos
>
> What about This container will create detections and preventions only on Linux hosts and container platforms protected by a CrowdStrike sensor.?

Clever. Updated.

redhatrises commented 3 years ago

Thanks! Ack