Closed incertum closed 7 months ago
Instead of exe_flags=%evt.arg.flags
change to flags=%evt.arg.flags
@loresuso called this out.
We keep adding findings and then address them together.
Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale
.
Stale issues rot after an additional 30d of inactivity and eventually close.
If this issue is safe to close now please do so with /close
.
Provide feedback via https://github.com/falcosecurity/community.
/lifecycle stale
Cross-linking this issue https://github.com/falcosecurity/rules/issues/214
Stale issues rot after 30d of inactivity.
Mark the issue as fresh with /remove-lifecycle rotten
.
Rotten issues close after an additional 30d of inactivity.
If this issue is safe to close now please do so with /close
.
Provide feedback via https://github.com/falcosecurity/community.
/lifecycle rotten
Should target this for 0.39? Or can we close?
Mark as completed. Adopters could open regular issues in the future.
Motivation
Collect feedback and identify areas for improvement for Falco 0.37 wrt the new rules maturity framework and rules style guide to drive future improvements, as the first version of something new typically has great potential for improvement.
References:
@falcosecurity/falco-maintainers @falcosecurity/rules-maintainers