Add Falco integration - Githubissues

cloudfoundry / stratos

Stratos: Web-based Management UI for Cloud Foundry and Kubernetes

Apache License 2.0

244 stars 130 forks source link

Add Falco integration #2992

Open nwmac opened 6 years ago

nwmac commented 6 years ago

Falco - https://sysdig.com/opensource/falco/

It’s opensource
https://www.twistlock.com/ - Similar but not opensource

The .gov team pipe the falco output into the logs. Can we add deeper integration in Stratos, warnings when particular events happen? Maybe an extension?

KlapTrap commented 6 years ago

@mogul do you have examples of the kind of rule sets you use?

mogul commented 5 years ago

Nothing yet, we're still trying to get past the compliance hurdles of putting it in production before we start tuning rules or figuring out how to make them CF-user-accessible.

As it stands, our integration just puts notice of rules being triggered (whether informational or causing a restart) in the application logs.