Open incertum opened 1 year ago
incertum
commented
1 year ago @guidemetothemoon and @nikimanoledaki We are happy to take any eBPF question here asynchronously that concerns the collaboration with the Green Reviews WG.
CC @Andreagit97 @FedeDP
EdikAndriasyan
commented
1 year ago Edit (@incertum ): @EdikAndriasyan I have updated the issue description to clarify what this issue was created for (my apologies). For regular Falco bugs or issues, let's use separate tickets.
Hey, I am deploying Falco in GKE cluster(v1.24) with helm chart(3.7.1). Using ebpf module and deploying Falco as DaemonSet. I am getting this error in Falco logs.
`-- BEGIN PROG LOAD LOG -- processed 43798 insns (limit 1000000) max_states_per_insn 1 total_states 4061 peak_states 4061 mark_read 1921
-- END PROG LOAD LOG -- Mon Oct 16 09:06:37 2023: An error occurred in an event source, forcing termination... Mon Oct 16 09:06:37 2023: Closing event source 'syscall' Events detected: 0 Rule counts by severity: Triggered rules by rule name: Error: libscap: bpf_load_program() event=raw_tracepoint/filler/sys_procexit_e: Operation not permitted`
Andreagit97
commented
1 year ago ei @EdikAndriasyan thank you for reporting! this is more a failure than a question, I will answer here https://github.com/falcosecurity/falco/issues/2874
poiana
commented
9 months ago Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
If this issue is safe to close now please do so with /close.
Provide feedback via https://github.com/falcosecurity/community.
/lifecycle stale
Andreagit97
commented
9 months ago /remove-lifecycle stale
poiana
commented
6 months ago Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
If this issue is safe to close now please do so with /close.
Provide feedback via https://github.com/falcosecurity/community.
/lifecycle stale
Andreagit97
commented
6 months ago /remove-lifecycle stale
poiana
commented
3 months ago Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
If this issue is safe to close now please do so with /close.
Provide feedback via https://github.com/falcosecurity/community.
/lifecycle stale
Andreagit97
commented
3 months ago /remove-lifecycle stale
poiana
commented
3 weeks ago Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
If this issue is safe to close now please do so with /close.
Provide feedback via https://github.com/falcosecurity/community.
/lifecycle stale
What to document
We are happy to answer questions related to Falco + eBPF you may have.
The purpose of this issue is to answer questions about the underlying kernel driver technology maintained in Falco's libs repository (https://github.com/falcosecurity/libs).
Please file regular bug reports separately. Do not use this issue for bug reports or error message reports.