github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-06-29 08:07:24 +00:00
Code Issues Projects Releases Wiki Activity

rule(Launch Privileged Container) add images

Browse Source 
Most of these are seen in GKE and are uses for core routing/metrics
collection.

Signed-off-by: Mark Stemm <mark.stemm@gmail.com>
This commit is contained in:
Mark Stemm 2020-08-27 17:51:38 -07:00 committed by poiana
parent 534cb8e59f
commit de9c8720c0
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
rules/falco_rules.yaml
View File

@ -1874,7 +1874,15 @@
docker.io/sysdig/sysdig,
falcosecurity/falco,
gcr.io/google_containers/kube-proxy,
gcr.io/google-containers/startup-script,
gcr.io/projectcalico-org/node,
gke.gcr.io/kube-proxy,
gke.gcr.io/gke-metadata-server,
gke.gcr.io/netd-amd64,
gcr.io/google-containers/prometheus-to-sd,
k8s.gcr.io/ip-masq-agent-amd64,
k8s.gcr.io/kube-proxy,
k8s.gcr.io/prometheus-to-sd,
quay.io/calico/node,
sysdig/falco,
sysdig/sysdig,