Published:
March 16, 2015
falco feeds by sysdig
Falco Feeds extends the power of Falco by giving open source-focused companies access to expert-written rules that are continuously updated as new threats are discovered.
learn more
Bug Fixes
- Under certain conditions, sysdig could crash during socket scanning in
/proc - Improve default truncation algorithm when
-vis not specified - Improved
spy_userschisel accuracy - Many minor bugfixes
New and updated features
- sysdig can now be concurrently opened multiple times
existsclause for filters, e.g.sysdig proc.name existsinclause for filters, e.g.sysdig "evt.type in ( 'select', 'poll' )"
Downloads
Sources
Release detailsUpdate instructionsInstallation instructionsSource code
Support
Community support is available on the sysdig mailing list.Bugs and issues can be submitted through github.
featured resources