Open Issif opened 1 year ago
I'll use this issue to list the ideas of features, feel free to propose yours and I'll add them if I think they're relevant:
dry-run
kubernetes:delete
kubernetes:script
kubernetes:disableuser
kubernetes:log
kubernetes:checkpoint
kubernetes:tshark
kubernetes:tcpdump
kubernetes:cordon
kubernetes:drain
ansible:playbook
shell:command
shell:script
aws:lambda
aws:cli
aws:command
calico:networkpolicy
cilium:networkpolicy
gcp:cloudfunction
webhook
allow
*:networkpolicy
debug
debug=true
Replace by an opened discussion https://github.com/falco-talon/falco-talon/discussions/277
I'll use this issue to list the ideas of features, feel free to propose yours and I'll add them if I think they're relevant:
dry-run
option in the rulekubernetes:delete
to delete resources other than Pods (secrets/configmaps/deployment/statefulset/replicaset/daemonset)kubernetes:script
to run a shell script in a podkubernetes:disableuser
disable a control plane userkubernetes:log
get last logs from a podkubernetes:checkpoint
create a checkpointkubernetes:tshark
,kubernetes:tcpdump
kubernetes:cordon
kubernetes:drain
ansible:playbook
run an ansible playbook locally/remotelyshell:command
run a shell command locallyshell:script
run a shell script locallyaws:lambda
run an AWS Lambda functionaws:cli
run an AWS CLI Command (maybeaws:command
is a better name?)calico:networkpolicy
cilium:networkpolicy
gcp:cloudfunction
webhook
allow
parameter of*:networkpolicy
debug
mode: only display the received event which match, except ifdebug=true