mirror of
https://github.com/falcosecurity/falco.git
synced 2025-09-23 10:57:59 +00:00
Updated Falco Configuration (markdown)
@@ -30,7 +30,6 @@ a list containing these sub-keys:
|
|||||||
|
|
||||||
* `enabled: [true|false]`: if true, falco alerts will be sent via syslog
|
* `enabled: [true|false]`: if true, falco alerts will be sent via syslog
|
||||||
|
|
||||||
|
|
||||||
####`file_output`
|
####`file_output`
|
||||||
|
|
||||||
a list containing these sub-keys:
|
a list containing these sub-keys:
|
||||||
@@ -45,3 +44,12 @@ a list containing thse sub-keys:
|
|||||||
|
|
||||||
* `enabled: [true|false]`: if true, falco alerts will be sent to standard output
|
* `enabled: [true|false]`: if true, falco alerts will be sent to standard output
|
||||||
|
|
||||||
|
####`program_output`
|
||||||
|
|
||||||
|
a list containing these sub-keys:
|
||||||
|
|
||||||
|
* `enabled: [true|false]`: if true, falco alerts will be sent to a program
|
||||||
|
* `program: <program>`: the program to run for each alert. This is started via a shell, so you can specify a command pipeline to allow for additional formatting.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
Reference in New Issue
Block a user