falcosecurity / falco

Cloud Native Runtime Security
https://falco.org
Apache License 2.0

Support Falco running with sandboxed runtimes #1413

Open egernst opened 3 years ago

egernst commented 3 years ago

Motivation

Falco is great. I want Falco. But I also want to run the workload using a sandboxed runtime like Kata Containers. I hate choosing; I want both things.

Feature

It'd be awesome to be able to run either the kernel module or eBPF inside the guest kernel and have this available for Falco on the host. From taking a quick look @ https://sysdig.com/blog/understanding-common-library-implementation/, I'm hopeful that this is feasible, and we could have SCAP <-> sinsp communication occur over vsock between the guest/host.

Alternatives

I have to choose either Falco or sandboxed runtime.

Additional context

I haven't spent a lot of time looking through Falco yet, but before investing I am interested in high-level feedback like:

ghost commented 3 years ago

+1 this - we run a lot of gVisor workloads because they're higher risk, and so getting insights into these would be awesome

leogr commented 3 years ago

I think this is something we should discuss during our community call.

Please join us if you want!

terenceli commented 3 years ago

Hi, I'm also very interested in this feature request. Are there any updates?

egernst commented 3 years ago

I'll join a future community call. Thanks @leogr !

poiana commented 3 years ago

Issues go stale after 90d of inactivity.

Mark the issue as fresh with /remove-lifecycle stale.

Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Provide feedback via https://github.com/falcosecurity/community.

/lifecycle stale

pidydx commented 3 years ago

Has there been any discussion or movement on this?

poiana commented 3 years ago

Stale issues rot after 30d of inactivity.

Mark the issue as fresh with /remove-lifecycle rotten.

Rotten issues close after an additional 30d of inactivity.

If this issue is safe to close now please do so with /close.

Provide feedback via https://github.com/falcosecurity/community.

/lifecycle rotten

bergwolf commented 3 years ago

I'm also very interested in seeing it happen. Is there a community call every week?

leodido commented 3 years ago

Indeed there is. :)

Every Wed. More details at https://github.com/falcosecurity/community

On Fri, 23 Apr 2021 at 09:17 Peng Tao @.***> wrote:

> I'm also very interested in seeing it happen. Is there a community call every week?

-- L.

poiana commented 3 years ago

Rotten issues close after 30d of inactivity.

Reopen the issue with /reopen.

Mark the issue as fresh with /remove-lifecycle rotten.

Provide feedback via https://github.com/falcosecurity/community.

/close

poiana commented 3 years ago

@poiana: Closing this issue.

In response to [this](https://github.com/falcosecurity/falco/issues/1413#issuecomment-846539796):

> Rotten issues close after 30d of inactivity.
>
> Reopen the issue with `/reopen`.
>
> Mark the issue as fresh with `/remove-lifecycle rotten`.
>
> Provide feedback via https://github.com/falcosecurity/community.
> /close

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.

poiana commented 2 years ago

@lining2020x: You can't reopen an issue/PR unless you authored it or you are a collaborator.

In response to [this](https://github.com/falcosecurity/falco/issues/1413#issuecomment-939249790):

> /reopen

lining2020x commented 2 years ago

/reopen

poiana commented 2 years ago

@lining2020x: You can't reopen an issue/PR unless you authored it or you are a collaborator.

In response to [this](https://github.com/falcosecurity/falco/issues/1413#issuecomment-939249831):

> /reopen

leogr commented 2 years ago

/reopen

poiana commented 2 years ago

@leogr: Reopened this issue.

In response to [this](https://github.com/falcosecurity/falco/issues/1413#issuecomment-939723287):

> /reopen

leogr commented 2 years ago

/remove-lifecycle rotten

poiana commented 2 years ago

Issues go stale after 90d of inactivity.

Mark the issue as fresh with /remove-lifecycle stale.

Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Provide feedback via https://github.com/falcosecurity/community.

/lifecycle stale

leogr commented 2 years ago

/remove-lifecycle stale

poiana commented 2 years ago

Issues go stale after 90d of inactivity.

Mark the issue as fresh with /remove-lifecycle stale.

Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Provide feedback via https://github.com/falcosecurity/community.

/lifecycle stale

jasondellaluce commented 2 years ago

/remove-lifecycle stale

poiana commented 2 years ago

Issues go stale after 90d of inactivity.

Mark the issue as fresh with /remove-lifecycle stale.

Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Provide feedback via https://github.com/falcosecurity/community.

/lifecycle stale

jasondellaluce commented 2 years ago

/remove-lifecycle stale

leogr commented 2 years ago

cc @LucaGuerra

poiana commented 1 year ago

Issues go stale after 90d of inactivity.

Mark the issue as fresh with /remove-lifecycle stale.

Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Provide feedback via https://github.com/falcosecurity/community.

/lifecycle stale

leogr commented 1 year ago

/remove-lifecycle stale

cc @FedeDP

poiana commented 1 year ago

Issues go stale after 90d of inactivity.

Mark the issue as fresh with /remove-lifecycle stale.

Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Provide feedback via https://github.com/falcosecurity/community.

/lifecycle stale

FedeDP commented 1 year ago

/remove-lifecycle stale

leogr commented 1 year ago

/help

poiana commented 1 year ago

@leogr: This request has been marked as needing help from a contributor.

Please ensure the request meets the requirements listed here.

If this request no longer meets these requirements, the label can be removed by commenting with the /remove-help command.

In response to [this](https://github.com/falcosecurity/falco/issues/1413):

> /help

poiana commented 1 year ago

Issues go stale after 90d of inactivity.

Mark the issue as fresh with /remove-lifecycle stale.

Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Provide feedback via https://github.com/falcosecurity/community.

/lifecycle stale

leogr commented 1 year ago

/remove-lifecycle stale

poiana commented 1 year ago

Issues go stale after 90d of inactivity.

Mark the issue as fresh with /remove-lifecycle stale.

Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Provide feedback via https://github.com/falcosecurity/community.

/lifecycle stale

poiana commented 11 months ago

Stale issues rot after 30d of inactivity.

Mark the issue as fresh with /remove-lifecycle rotten.

Rotten issues close after an additional 30d of inactivity.

If this issue is safe to close now please do so with /close.

Provide feedback via https://github.com/falcosecurity/community.

/lifecycle rotten

leogr commented 11 months ago

/remove-lifecycle stale

/remove-lifecycle rotten

poiana commented 8 months ago

Issues go stale after 90d of inactivity.

Mark the issue as fresh with /remove-lifecycle stale.

Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Provide feedback via https://github.com/falcosecurity/community.

/lifecycle stale

Andreagit97 commented 8 months ago

/remove-lifecycle stale

roshaaaan commented 5 months ago

Hi, I wanted to ask if this feature is on the roadmap. I would appreciate any feedback you may have.

Feature: It'd be awesome to be able to run either the kernel module or eBPF inside the guest kernel and have this available for Falco on the host. From taking a quick look @ https://sysdig.com/blog/understanding-common-library-implementation/, I'm hopeful that this is feasible, and we could have SCAP <-> sinsp communication occur over vsock between the guest/host.

Andreagit97 commented 5 months ago

> Hi, I wanted to ask if this feature is on the roadmap. I would appreciate any feedback you may have.

Hey @roshaaaan, at the moment we just support gVisor. We don't have anything planned in the roadmap about this topic, but this is for sure something we are interested in!

poiana commented 2 months ago

Issues go stale after 90d of inactivity.

Mark the issue as fresh with /remove-lifecycle stale.

Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Provide feedback via https://github.com/falcosecurity/community.

/lifecycle stale

Andreagit97 commented 2 months ago

/remove-lifecycle stale