Skip to content

rcohencyberarmor/kubescape-ebpf-engine

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
.vscode
.vscode
 
 
inc
inc
 
 
src
src
 
 
.gitignore
.gitignore
 
 
CMakeLists.txt
CMakeLists.txt
 
 
README.md
README.md
 
 
install_dependencies.sh
install_dependencies.sh
 
 

Repository files navigation

eBPF Engine

Build

  1. Pull and build vendor libraries by running the following script:
./install_dependencies.sh

This step can take ~15 minutes depending on your machine.

  1. Build the engine:
mkdir ./build && cd build
cmake ..
make all

Run

sudo ./build/main -f "evt.type=execve or evt.type=execveat" -e ./dependencies/falco-libs/build/driver/bpf/probe.o

The command above will listen on all execve and execveat syscalls occuring in containers (by default we will print data only in containers).

Check out the available flags by running: ./build/main -h

About

ebpf engine using falco libs

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages