Published:
January 20, 2015
Table of contents
falco feeds by sysdig
Falco Feeds extends the power of Falco by giving open source-focused companies access to expert-written rules that are continuously updated as new threats are discovered.
learn more
**Bug Fixes** * Improved performance of libscap during live captures * Expand the sysdig-probe ring buffer size: now it's 8 MB per CPU (was 1 MB) * Fix syntax error in fdtime_by chisel * Fix syntax error in zsh completion * Many minor bugfixes * evt.latency was returning wrong valuesNew and updated features
get_terminal_infochisel API function
New and updated chisels
spectrogramchisel: Visualize OS latency in real time.
New and updated filter fields
evt.buflenfilter field
New and Updated events
clone,execve,fork,vfork: returncommparameter to report the executable file name rather than guessing it fromargv[0]
Resources
Release detailsUpdate instructionsInstallation instructionsSource code
Support
Community support is available on the sysdig mailing list.Bugs and issues can be submitted through github.
featured resources