Published:
July 31, 2015
falco feeds by sysdig
Falco Feeds extends the power of Falco by giving open source-focused companies access to expert-written rules that are continuously updated as new threats are discovered.
learn more
Bug Fixes
- Fix panic with some kernel versions
- Fix compiling errors on arm architecture
- Report
execveargs even if it fails - Minor bugfixes on csysdig
New and updated features
- Support for decoding
setnsandflocksyscall - Parse
O_CLOEXECflag onopenand related syscalls - Parse
CLONE_NEWUSERflag onclone - Support truncated tracefiles
- Now sysdig can rotate tracing file when capturing, using
-C,-e,-W,-G - Better extraction/filtering capabilities for event related to multiple file descriptors, like
poll - Precompiled kernel modules for older coreos releases
Downloads
Sources
Release detailsUpdate instructionsInstallation instructionsSource code
Support
Community support is available on the sysdig mailing list.Bugs and issues can be submitted through github.
featured resources