Comments (1)
Found that sysdig container.id!=host
can successfully record the events in lxd container.
However, sysdig -p "%container.id" container.id!=host
output only \n
. In other words, sysdig cannot identify lxd container's ID.
As I tried Falco, it can identify my lxd container name:
12:35:06.232167470: Warning Sensitive file opened for reading by non-trusted program (file=/etc/shadow gparent=lxd ggparent=lxd gggparent=daemon.start evt_type=openat user=<NA> user_uid=1000000 user_loginuid=-1 process=cat proc_exepath=/usr/bin/cat parent=bash command=cat /etc/shadow terminal=34817 container_id=my-test container_name=my-test)
I hope sysdig can identify it as Falco does.
from sysdig.
Related Issues (20)
- Ask about evt.type=procinfo HOT 3
- UDP connections not closing anymore HOT 1
- implicit declaration of function 'strlcpy'; did you mean 'strscpy'? HOT 3
- Trash in images HOT 4
- Issue with Terraform Provider HOT 1
- Question: Implications of chisles removal from falcosecurity/libs HOT 2
- Max size of --snaplen HOT 1
- 0.36.1 build failure HOT 1
- Error! Bad return status for module build on kernel: 6.8.7-arch1-2 (x86_64) HOT 2
- error linking to falcosecurity-libs built as a shared library HOT 2
- Use --modern-bpf as a fallback when /dev/scap0 does not exist? HOT 2
- Sign Sysdig modules to support running on systems with Secure Boot enabled HOT 1
- [*] Can't find "%proc.exe_ino" in output file HOT 1
- Building sysdig fails with userspace/libscap/engine/kmod/scap_kmod.c:372:(.text+0x35c7): undefined reference to `scap_get_host_root' HOT 3
- monitor interface operation
- I want to use “-pk” and "k8s.pod.name" filter option,now I need install what libs?
- the event information captured by sysdig is incomplete,and the evt.num is not consecutive? HOT 1
- Cant install sysdig on RedHat 9.4
- Sysdig -B crashes on multiple ubuntus HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from sysdig.