CrowdStrike / falcon-helm

Helm Charts for running CrowdStrike Falcon with Kubernetes
https://artifacthub.io/packages/helm/falcon-helm/falcon-sensor
Apache License 2.0

Detection less effective when running falcon-sensor in Container #97

Closed salanki closed 2 years ago

salanki commented 2 years ago

I am orchestrating my falcon-sensors (kernel mode) via a DaemonSet. I am using CVE-2021-4034 as my detection test. It seems that on my hosts where I have installed the falcon sensor directly via the .deb package, it gets detected consistently. However, on hosts where it is deployed via this chart (kernel sensor, not container sensor), it doesn't get detected. Does this make sense at all? The commands show up in the command log if I browse the host; it just doesn't trigger a detection.

redhatrises commented 2 years ago

Hello,

Please open a case with CrowdStrike support. This isn't the place to seek support around the sensor itself. Thanks.