github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-08-11 02:52:54 +00:00
Code Issues Projects Releases Wiki Activity

Updated Falco Configuration (markdown)

Mark Stemm 2017-10-09 16:56:21 -07:00
parent 604f91d8aa
commit 7fa90fd057
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Falco-Configuration.md

@ -64,6 +64,7 @@ a list containing these sub-keys:
a list containing these sub-keys:
* `enabled: [true|false]`: if true, falco alerts will be sent to the specified file
* `keep_alive: [true|false]`: If false (default), will reopen file for every alert. If true, will open the file once and keep it open for all alerts. Might be necessary to also specify `--unbuffered` on falco command line.
* `filename: <path>`: the location of the file to which alerts will be sent
@ -78,6 +79,7 @@ a list containing these sub-keys:
a list containing these sub-keys:
* `enabled: [true|false]`: if true, falco alerts will be sent to a program
* `keep_alive: [true|false]`: If false (default), run program for each alert. If true, will spawn program once and keep it open for all alerts. Might be necessary to also specify `--unbuffered` on falco command line.
* `program: <program>`: the program to run for each alert. This is started via a shell, so you can specify a command pipeline to allow for additional formatting.