search

falcosecurity / falco-website

Source code of the official Falco website
https://falco.org
Creative Commons Attribution 4.0 International
34 stars 219 forks source link

Group Rules, Events and Plugins into a newer section called Concepts #668

Closed vjjmiras closed 1 year ago

vjjmiras commented 2 years ago

/area documentation

What would you like to be added:

A structure grouping Falco components like the following:

Concepts
│
│── Overview
│
│── Falco Architecture
│
+───+ Rules
│   │
│   │── Overview
│   │── Basic Conditions
│   │── Macros
│   │── Lists
│   │── Advanced Conditions
│   │── Exceptions
│   │── Reusability of rules
│     
+───+ Events
│   │
│   │── Overview
│   │───+ Falco Drivers
│   │   │── Kernel Module
│   │   │── eBPF Probe
│   │── .. 
│   
+───+ Plugins
    │
    │── Overview
    │───+ CloudTrail
    │   │── ...
    │── Okta
    │── ...

Why is this needed:

Current documentation mixes different concepts with different use and level of importance.

Falco's architecture is based on events from different sources. Events can be provided either by syscalls or by different plugins. Once the events are retrieved, they are parsed by rules. These elements are basic concepts to learn when using Falco.

poiana commented 1 year ago

Issues go stale after 90d of inactivity.

Mark the issue as fresh with /remove-lifecycle stale.

Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Provide feedback via https://github.com/falcosecurity/community.

/lifecycle stale

poiana commented 1 year ago

Stale issues rot after 30d of inactivity.

Mark the issue as fresh with /remove-lifecycle rotten.

Rotten issues close after an additional 30d of inactivity.

If this issue is safe to close now please do so with /close.

Provide feedback via https://github.com/falcosecurity/community.

/lifecycle rotten

vjjmiras commented 1 year ago

/remove-lifecycle rotten

poiana commented 1 year ago

Issues go stale after 90d of inactivity.

Mark the issue as fresh with /remove-lifecycle stale.

Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Provide feedback via https://github.com/falcosecurity/community.

/lifecycle stale

poiana commented 1 year ago

Stale issues rot after 30d of inactivity.

Mark the issue as fresh with /remove-lifecycle rotten.

Rotten issues close after an additional 30d of inactivity.

If this issue is safe to close now please do so with /close.

Provide feedback via https://github.com/falcosecurity/community.

/lifecycle rotten

poiana commented 1 year ago

Rotten issues close after 30d of inactivity.

Reopen the issue with /reopen.

Mark the issue as fresh with /remove-lifecycle rotten.

Provide feedback via https://github.com/falcosecurity/community. /close

poiana commented 1 year ago

@poiana: Closing this issue.

In response to [this](https://github.com/falcosecurity/falco-website/issues/668#issuecomment-1555414435): >Rotten issues close after 30d of inactivity. > >Reopen the issue with `/reopen`. > >Mark the issue as fresh with `/remove-lifecycle rotten`. > >Provide feedback via https://github.com/falcosecurity/community. >/close Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.