You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It's using nc (netcat) as part of the alerting mechanism.
But using latest image:
> sudo docker images Fri 05 Oct 2018 11:11:32 AM EDT
REPOSITORY TAG IMAGE ID CREATED SIZE
sysdig/falco latest 2608233e59ea 3 weeks ago 685MB
You can see it is not installed here:
> sudo docker run -it --entrypoint=/bin/sh sysdig/falco -c nc 5.7s Fri 05 Oct 2018 11:09:33 AM EDT
/bin/sh: 1: nc: not found
Curl appears to exist though
> sudo docker run -it --entrypoint=/bin/sh sysdig/falco -c curl 1092ms Fri 05 Oct 2018 11:09:58 AM EDT
curl: try 'curl --help' or 'curl --manual' for more information
And from within that container (image):
# find / -type f -name 'nc'
/usr/share/bash-completion/completions/nc
The text was updated successfully, but these errors were encountered:
When we originally wrote those examples, we were using falco installed directly on the host instead of in a container. But you bring up a good point that it might be useful to have netcat in the falco container as well, so it would be possible to handle generic event forwarding. Addressed in #456.
Outlined in the docs:
https://github.com/falcosecurity/falco/wiki/Falco-Alerts#program-output-sending-alerts-to-network-channel
It's using
nc
(netcat) as part of the alerting mechanism.But using latest image:
You can see it is not installed here:
Curl appears to exist though
And from within that container (image):
The text was updated successfully, but these errors were encountered: