Open nwmac opened 6 years ago
@mogul do you have examples of the kind of rule sets you use?
Nothing yet, we're still trying to get past the compliance hurdles of putting it in production before we start tuning rules or figuring out how to make them CF-user-accessible.
As it stands, our integration just puts notice of rules being triggered (whether informational or causing a restart) in the application logs.
Falco - https://sysdig.com/opensource/falco/
The .gov team pipe the Falco output into the logs. Can we add deeper integration in Stratos, warnings when particular events happen? Maybe an extension?
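
One way to turn Falco notices in application logs into warnings, as an added example that is not part of the thread and is not Stratos or cloud.gov code. It assumes Falco is emitting JSON output (`rule`, `priority` and `output` fields); the log line prefix, the sample lines and the function names are constructed for illustration.

```python
import json

# Falco priority levels, most severe first.
PRIORITIES = ["Emergency", "Alert", "Critical", "Error",
              "Warning", "Notice", "Informational", "Debug"]

# Constructed sample: application log lines with Falco JSON alerts mixed in.
# The timestamp/source prefix is an assumed layout, not taken from the thread.
SAMPLE_LOG = [
    '2019-05-01T12:00:01Z [APP/0] GET /health 200',
    '2019-05-01T12:00:02Z [APP/0] {"msg": "request served", "status": 200}',
    '2019-05-01T12:00:03Z [APP/0] {"rule": "Terminal shell in container", '
    '"priority": "Notice", "output": "shell spawned (constructed)"}',
    '2019-05-01T12:00:04Z [APP/0] {"rule": "Read sensitive file untrusted", '
    '"priority": "Warning", "output": "sensitive file opened (constructed)"}',
    '2019-05-01T12:00:05Z [APP/0] {"rule": "Write below etc", '
    '"priority": "Error", "output": "file written below /etc (constructed)"}',
]


def parse_falco_event(line):
    """Return the Falco alert embedded in a log line, or None (hypothetical helper)."""
    start = line.find("{")
    if start < 0:
        return None
    try:
        # raw_decode tolerates trailing text after the JSON object.
        event, _ = json.JSONDecoder().raw_decode(line[start:])
    except json.JSONDecodeError:
        return None
    # Ordinary application JSON lacks these keys and is ignored.
    if not isinstance(event, dict) or not all(
            k in event for k in ("rule", "priority", "output")):
        return None
    return event if event["priority"] in PRIORITIES else None


def warnings_for(lines, min_priority="Warning"):
    """Collect (priority, rule, output) for alerts at or above min_priority."""
    threshold = PRIORITIES.index(min_priority)
    hits = []
    for line in lines:
        event = parse_falco_event(line)
        if event and PRIORITIES.index(event["priority"]) <= threshold:
            hits.append((event["priority"], event["rule"], event["output"]))
    return hits


if __name__ == "__main__":
    for priority, rule, output in warnings_for(SAMPLE_LOG):
        print(f"[{priority}] {rule}: {output}")
```
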