github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-06-27 15:17:50 +00:00
Code Issues Projects Releases Wiki Activity

Update README.md

Browse Source
This commit is contained in:
Henri DF 2016-02-21 20:31:33 -08:00
parent 5a3c191c97
commit b41794f6a9
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -52,6 +52,8 @@ interactive: proc.pname = bash or proc.pname = sshd
write and interactive and fd.name contains sysdig write and interactive and fd.name contains sysdig
write and interactive and fd.name contains .txt write and interactive and fd.name contains .txt
``` ```
(Note: compared to the syntax in the page referenced above, this is missing the output spec (`.. | <output>`). This part is not implemented yet. Stay tuned...)
Let's assume you called that file rules.txt. Now you can run digwatch like so: Let's assume you called that file rules.txt. Now you can run digwatch like so: