github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2026-04-03 02:22:05 +00:00
Code Issues Projects Releases Wiki Activity

Commit Graph

  • 91954d61ce Define GRPC_CPP_PLUGIN (#569) Mark Stemm 2019-04-02 10:34:54 -07:00
  • 9e26117e93 exclude oc on writing below root (#567) Kaizhe Huang 2019-03-29 10:07:05 -07:00
  • 2fd90bf6a7 + Add a user_known_write_monitored_dir_conditions macro to allow custom conditions in the "Write below monitored dir" rule (#566) Jean-Philippe Lachance 2019-03-28 17:17:01 -04:00
  • bdda640da1 Flag excess drops (#561) Mark Stemm 2019-03-27 15:50:39 -07:00
  • 7b0b4984eb ! Fix the prometheus_conf_writing_conf macro (#564) Jean-Philippe Lachance 2019-03-25 19:37:50 -04:00
  • cc7fecedf7 kh: exclude rancher events (#559) Kaizhe Huang 2019-03-15 12:57:15 -07:00
  • d366092214 + Add "puppet" in the list of known proc.name writing below etc because Puppet often manages configurations (#563) Jean-Philippe Lachance 2019-03-15 12:09:46 -04:00
  • 7689282621 Allow exe running Docker save to write below rpm database (#552) Jean-Philippe Lachance 2019-03-14 12:40:29 -04:00
  • 3d96ca5157 Add KUBERNETES_SERVICE_HOST (#562) prsimoes 2019-03-13 17:40:41 -07:00
  • 28622e6fdc Rule updates 2019.02.v1 (#551) Mark Stemm 2019-03-08 19:23:18 -08:00
  • 5740186280 Support container event to denote container starts (#550) Mark Stemm 2019-03-08 13:23:10 -08:00
  • 3edd39e625 fix stale.yml file extension (#548) Michael Ducy 2019-03-05 10:03:07 -05:00
  • e486af6d09 Puppet module fixes (#546) Jean-Philippe Lachance 2019-03-01 13:53:37 -05:00
  • 04b1b4da67 delete all duplicate empty blanks (#542) Xiang Dai 2019-02-28 00:53:40 +08:00
  • a6c5926336 Adds packaging for RHEL (#544) Jorge Salamero Sanz 2019-02-26 16:44:20 +01:00
  • 0429883d99 Update version to 0.3.0 (#543) Mark Stemm 2019-02-21 10:50:15 -08:00
  • 9c574732f2 Update the Puppet module (#537) Jean-Philippe Lachance 2019-02-21 13:40:11 -05:00
  • 0b29b122e1 falco.yaml: change default program_output action (#507) (#541) Mark Stemm 2019-02-20 09:32:14 -08:00
  • 135fafb56b fix k8s install issue (#506) (#540) Mark Stemm 2019-02-20 09:23:31 -08:00
  • f4b0b3c096 falco.yaml: change default program_output action (#507) Xiang Dai 2019-02-21 01:18:45 +08:00
  • e546555de8 fix k8s install issue (#506) Xiang Dai 2019-02-21 01:17:34 +08:00
  • a31c3c0eb9 Move kubernetes-response-engine to falcosecurity/kubernetes-response-engine (#539) Néstor Salceda 2019-02-20 17:13:59 +01:00
  • d7568ac42f Add gcc back from manual packages (#536) Mark Stemm 2019-02-13 08:18:07 -08:00
  • c1b7356ac3 Add k8s audit instructions for kops (#535) Mark Stemm 2019-02-12 18:53:20 -08:00
  • 79d408f472 Add HTTP output handler (#523) Michael Ducy 2019-02-11 17:20:19 -05:00
  • 7b71eb875f Docker-based way to build falco (#522) Mark Stemm 2019-02-11 13:27:47 -08:00
  • 29b8dc8cf0 Update contribute doc (#524) Xiang Dai 2019-02-12 05:22:00 +08:00
  • 1fb53eefdb Update output (#511) Xiang Dai 2019-02-12 05:01:49 +08:00
  • 44e88f28a4 Merge remote-tracking branch 'origin/dev' Mark Stemm 2019-02-10 14:57:00 -08:00
  • 26eba69ec4 Remove gcc 6. (#526) Mark Stemm 2019-02-10 14:56:09 -08:00
  • 62c1a0440d Merge remote-tracking branch 'origin/dev' 0.14.0 Mark Stemm 2019-02-06 16:38:53 -08:00
  • ca7106c652 Update for 0.14.0 (#519) Mark Stemm 2019-02-06 16:37:55 -08:00
  • 5e9bbd139c Add support bundle (#517) Mark Stemm 2019-02-06 16:36:33 -08:00
  • bd4c3ffa39 Add additional k8s rbac resources (#514) Mark Stemm 2019-02-06 15:51:57 -08:00
  • 477fcb56f1 Update rules to use more reliable container image predicates (#513) Mattia Pagnozzi 2019-02-01 19:00:26 +01:00
  • c111f282dd 1) Changing ssh to minikube ssh 2) Noting the step to create /falco-config (#503) Marky Jackson 2019-01-31 08:52:16 -08:00
  • 50c6515da5 kh: improve mount on /var/lib/kubelet rule (#509) Kaizhe Huang 2019-01-30 14:13:19 -08:00
  • 9e0e3da617 add config for stale issue tracker (#500) Michael Ducy 2019-01-30 10:44:42 -06:00
  • 513cf2ed8b Rules versioning (#492) Mark Stemm 2019-01-29 12:43:15 -08:00
  • a78212cc62 Merge pull request #480 from lorenzo-david/lorenzod-k8s-audit-dev lorenzo-david 2019-01-28 15:59:33 -08:00
  • 074a906af3 Fixed Heading Formatting (#502) Dave Strebel 2019-01-25 13:46:15 -06:00
  • 4fcd44e73a Allow SSL for k8s audit endpoint (#471) Michael Ducy 2019-01-23 22:21:37 -06:00
  • ec07f7c240 Add /etc mount for falco container (#475) Michael Ducy 2019-01-23 21:13:05 -06:00
  • b8a25c6e71 Add gcc 5 by hand rather than from debian unstable (#501) Mark Stemm 2019-01-23 18:02:03 -08:00
  • edc8eb2fd8 add config for stale issue tracker Michael Ducy 2019-01-23 15:44:30 -05:00
  • 21c7eece25 add cii best practices badge (#499) Michael Ducy 2019-01-23 14:04:24 -06:00
  • 36a1cdd9bc Add c-ares, protobuf and grpc dependencies (#498) Mark Stemm 2019-01-21 15:51:32 -08:00
  • ddf55d3c8e Merge remote-tracking branch 'origin/dev' 0.13.1 Mark Stemm 2019-01-17 07:28:18 -08:00
  • b76f60d419 Update CHANGELOG/README for 0.13.1 (#497) Mark Stemm 2019-01-17 07:19:49 -08:00
  • 889fcc8b50 Add falco service k8s (#496) Mark Stemm 2019-01-16 18:12:02 -08:00
  • 6863675b76 Remove kubernetes-response-engine from system:masters (#488) Néstor Salceda 2019-01-17 02:43:38 +01:00
  • c28892eba3 Fix missing arguments (#485) ztz 2019-01-17 09:42:58 +08:00
  • 5e5742f87d Only have -pc/-pk apply to syscall rules (#495) Mark Stemm 2019-01-14 10:00:43 -08:00
  • 611877e4d3 Unbuffer outputs by default (#494) Mark Stemm 2019-01-14 10:00:23 -08:00
  • 29b597dd9c Improved inbound/outbound macros (#470) Mark Stemm 2019-01-09 12:27:46 -08:00
  • 840fc4bb41 Kh add process rules v2 (#490) Mark Stemm 2018-12-27 21:15:00 -08:00
  • ea303ba32f noise suppression: calico writing config files into /etc (#481) Loris Degioanni 2018-12-10 11:54:47 -08:00
  • 3bd0081753 Implementing required gen_event virtual methods Lorenzo David 2018-12-05 12:49:04 -08:00
  • 67cde2980d Add k8s.ns.name to output when -k flag passed (#472) Michael Ducy 2018-11-27 19:44:01 -06:00
  • e4e6d8845d Add optional support for -Wextra and -Werror (#479) Andy Dalton 2018-11-27 20:38:10 -05:00
  • 67d1e6c51d Merge pull request #476 from nestorsalceda/fix-cluster-role-binding-cncf Jorge Salamero Sanz 2018-11-27 17:03:29 +01:00
  • f7c17bb1a5 This apiGroup is not needed on the CNCF flavor Néstor Salceda 2018-11-27 17:02:02 +01:00
  • 21f16f0cb0 Merge pull request #465 from nestorsalceda/falco-aws-permissions-fix Jorge Salamero Sanz 2018-11-20 10:11:00 +01:00
  • d1329af3bd Avoid going past end of ruleset/etag arrays (#468) Mark Stemm 2018-11-15 16:42:14 -08:00
  • 1308d7fc35 Put RBAC configuration together Néstor Salceda 2018-11-12 17:34:21 +01:00
  • c24fa324d2 Use a newly created system account instead of my personal one Néstor Salceda 2018-11-09 19:23:54 +01:00
  • e15ee1d28d Use deploy as target instead of name Néstor Salceda 2018-11-09 17:48:51 +01:00
  • 1da02bf3ff Honor the principle of least privilege for CNCF deployment Néstor Salceda 2018-11-09 17:45:30 +01:00
  • 4696519deb Honor the principle of least privilege for AWS deployment Néstor Salceda 2018-11-09 17:44:04 +01:00
  • e321d7c8de Fix script documentation and parameters Néstor Salceda 2018-11-09 17:28:16 +01:00
  • bd7a9733fd Merge branch 'dev' 0.13.0 Mark Stemm 2018-11-09 13:41:29 -08:00
  • 3fd573e432 Update CHANGELOG, README for 0.13.0 (#463) Mark Stemm 2018-11-09 13:30:51 -08:00
  • cd53c58808 Make k8s-audit rules and main rules compatible (#464) Mark Stemm 2018-11-09 12:56:05 -08:00
  • c6169e1aaa Rule updates 2018 11.v1 (#455) Mark Stemm 2018-11-09 11:51:15 -08:00
  • b79670a79a adding few executables in corresponding groups (#445) Julien 2018-11-09 13:25:55 -05:00
  • 1f28f85bdf K8s audit evts (#450) Mark Stemm 2018-11-09 10:15:39 -08:00
  • ff4f7ca13b Update repo links. (#447) TaoBeier 2018-11-08 00:35:10 +08:00
  • 071e8de075 Port Kubernetes Response Engine to AWS Technology (#460) Néstor Salceda 2018-11-07 17:34:13 +01:00
  • 32f8e304eb Load/unload kernel module on start/stop (#459) Mark Stemm 2018-11-06 13:07:50 -08:00
  • 6eac49e5ae Restart falco on SIGHUP. (#457) Mark Stemm 2018-11-06 11:14:10 -08:00
  • 53c7e101fe Add netcat to docker images (#456) Mark Stemm 2018-11-05 17:50:53 -08:00
  • 774046d57e Merge pull request #448 from nestorsalceda/capturer-use-volumes Jorge Salamero Sanz 2018-11-05 10:19:29 +01:00
  • 438f647984 fix deply_playbook option issue (#452) Kaizhe Huang 2018-11-02 17:20:24 -07:00
  • 8c6ebd586d Update nodejs example (#449) Mark Stemm 2018-10-26 05:51:33 -07:00
  • c531d91493 Only upload file to S3 if we have credentials and target bucket Néstor Salceda 2018-10-26 12:49:23 +02:00
  • 48d01203ef Add a makefile for automating docker image building and pushing Néstor Salceda 2018-10-25 17:39:12 +02:00
  • 43126362c3 Use /captures and allow to be mounted as a volume for placing files on host Néstor Salceda 2018-10-25 17:38:45 +02:00
  • ef9c4ee6ab Merge pull request #442 from nestorsalceda/falco-new-organization Jorge Salamero Sanz 2018-10-22 15:56:31 +02:00
  • 38771923ca Merge pull request #444 from nestorsalceda/kre-training Jorge Salamero Sanz 2018-10-19 13:47:43 +02:00
  • 5b060d2c0f Remove the description fields Néstor Salceda 2018-10-19 13:08:20 +02:00
  • 47828f259f Revert "Update Kubeless version" Néstor Salceda 2018-10-19 13:06:40 +02:00
  • e614e64331 Update Kubeless version Néstor Salceda 2018-10-19 12:57:14 +02:00
  • a3e336f782 Add permissions for functions run in Kubeless Néstor Salceda 2018-10-19 12:38:02 +02:00
  • 7d24eba1b6 Make playbooks compatible with Python 2.7 Néstor Salceda 2018-10-19 12:36:31 +02:00
  • 7dbdb00109 Also add endswith to lua parser (#443) Mark Stemm 2018-10-18 09:59:13 -07:00
  • a2319d2b8a Pull image from falcosecurity Néstor Salceda 2018-10-17 18:10:33 +02:00
  • 8d60d374f7 Add an integration with Phantom (#411) Néstor Salceda 2018-10-15 22:37:37 +02:00
  • 6ca316a7cc Rule updates 2018 08.v1 (#398) Mark Stemm 2018-10-12 19:44:24 -07:00
  • bc34e438ce fix deprecated statement. (#429) TaoBeier 2018-10-13 10:43:57 +08:00
  • 7fa6fc1b70 fix: use succeeded instead of completed to filter cronjob pods (#441) Guido García 2018-10-13 04:43:28 +02:00