mirror of
https://github.com/falcosecurity/falco.git
synced 2025-10-21 19:44:57 +00:00
a5daf8b058
* Allow appending to skipped rules If a rule has an append attribute but the original rule was skipped (due to having lower priority than the configured priority), silently skip the appending rule instead of returning an error. * Unit test for appending to skipped rules Unit test verifies fix for appending to skipped rules. One rules file defines a rule with priority WARNING, a second rules file appends to that rules file, and the configured priority is ERROR. Ensures that falco rules without errors.
4 lines
67 B
YAML
4 lines
67 B
YAML
- rule: open_from_cat
|
|
append: true
|
|
condition: and fd.name=/tmp
|