Change tests for privileged container rules.

Change unit tests to reflect the new privileged/sensitive mount container rules that only detect container launch.
falcosecurity · Jun 19, 2017 · 0f9f299 · 0f9f299
1 parent 1c0a77d
commit 0f9f299
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/test/falco_traces.yaml.in b/test/falco_traces.yaml.in
@@ -17,14 +17,14 @@ traces: !mux
     detect: True
     detect_level: INFO
     detect_counts:
-      - "File Open by Privileged Container": 17
+      - "Launch Privileged Container": 1
 
   container-sensitive-mount:
     trace_file: traces-positive/container-sensitive-mount.scap
     detect: True
     detect_level: INFO
     detect_counts:
-      - "Sensitive Mount by Container": 17
+      - "Launch Sensitive Mount Container": 1
 
   create-files-below-dev:
     trace_file: traces-positive/create-files-below-dev.scap