falco

mirror of https://github.com/falcosecurity/falco.git synced 2025-10-22 12:27:10 +00:00

Files

Mark Stemm 5e8dc8bce4 Add falco,event generator files for k8s.

Add example k8s yaml files that allow for running falco as a k8s
daemonset and the event generator as a deployment, running on 1 node.

Falco is configured to send its output to a slack webhook corresponding
to the #demo-falco-alerts channel on sysdig's public slack channel.

The output is is k8s friendly by using -pk, -k (k8s api server), and
-K (credentials to communicate with api server).

2017-03-07 10:46:32 -08:00

falco-daemonset.yaml

Add falco,event generator files for k8s.

2017-03-07 10:46:32 -08:00

falco-event-generator-deployment.yaml

Add falco,event generator files for k8s.

2017-03-07 10:46:32 -08:00

README.md

Add falco,event generator files for k8s.

2017-03-07 10:46:32 -08:00

README.md

=Example K8s Services for Falco=

The yaml file in this directory installs the following:

Open Source Falco, as a DaemonSet. Falco is configured to communicate with the K8s API server via its service account, and changes its output to be K8s-friendly. It also sends to a slack webhook for the #demo-falco-alerts channel on our public slack.
The Falco Event Generator, as a deployment that ensures it runs on exactly 1 node.