Monitoring Linux system calls with Falco
Conclusion
Falco is a system call monitoring solution that lets you create your own rules and then log or output events that match those rules. You set up Falco on a single, monolithic Linux system, or you can use it in a distributed setting. Falco is used extensively for monitoring Kubernetes systems.
Infos
- strace: https://strace.io/
- Falco: https://falco.org/
- CNCF: https://www.cncf.io/
- glibc: https://www.gnu.org/software/libc/
- musl: https://musl.libc.org/
- io_uring: https://man7.org/linux/man-pages/man7/io_uring.7.html
- auditd: https://github.com/linux-audit/audit-userspace
- Ansible: https://github.com/ansible/ansible
- minikube: https://minikube.sigs.k8s.io/docs/
« Previous 1 2 3
Buy this article as PDF
Express-Checkout as PDF
Price $2.95
(incl. VAT)
(incl. VAT)
Buy Linux Magazine
TABLET & SMARTPHONE APPS
US / Canada
UK / Australia