github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-08-23 08:28:48 +00:00
Code Issues Projects Releases Wiki Activity

Document general configuration

Browse Source
This commit is contained in:
Henri DF 2016-05-10 13:27:05 -07:00
parent 1c3ae275d7
commit 4e525e3114
2 changed files with 15 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
README.md
View File

@ -97,7 +97,10 @@ For performance reasons, some system calls are currently discarded before Falco
## Configuration ## Configuration
Falco is configured via a yaml file. The sample config `falco.yaml` in this repo has comments describing the various options.
General configuration is done via a separate yaml file. The
[config file](falco.yaml) in this repo has comments describing the various
configuration options.
## Installation ## Installation

11
falco.yaml
View File

@ -1,9 +1,18 @@
rules_file: /etc/falco_rules.yaml # File containing Falco rules, loaded at startup.
rules_file: /etc/falco_rules.conf
# Whether to output events in json or text
json_output: false json_output: false
# Send information logs to stderr and/or syslog Note these are *not* security
# notification logs! These are just Falco lifecycle (and possibly error) logs.
log_stderr: false log_stderr: false
log_syslog: true log_syslog: true
# Where security notifications should go.
# Multiple outputs can be enabled.
syslog_output: syslog_output:
enabled: true enabled: true