github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-09-20 01:17:46 +00:00
Code Issues Projects Releases Wiki Activity

Updated Generating Sample Events (markdown)

Mark Stemm
2016-10-24 15:25:42 -07:00
parent b7d8e20a7f
commit d010b7aa04
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
Generating-Sample-Events.md

@@ -3,7 +3,7 @@ If you'd like to see if falco is working properly, we've created a test program
Here's the usage block for the test program: Here's the usage block for the test program:
``` ```
Usage /usr/local/bin/event_generator [options] Usage event_generator [options]
Options: Options:
-h/--help: show this help -h/--help: show this help
@@ -32,7 +32,12 @@ Options:
(used by user_mgmt_binaries below) (used by user_mgmt_binaries below)
user_mgmt_binaries Become the program "vipw", which triggers user_mgmt_binaries Become the program "vipw", which triggers
rules related to user management programs rules related to user management programs
exfiltration Read /etc/shadow and send it via udp to a
specific address and port
all All of the above all All of the above
The action can also be specified via the environment variable EVENT_GENERATOR_ACTIONS
as a colon-separated list
if specified, -a/--action overrides any environment variables
-i/--interval: Number of seconds between actions -i/--interval: Number of seconds between actions
-o/--once: Perform actions once and exit -o/--once: Perform actions once and exit
``` ```