K3S-HOME/security
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

FIX(falco): falco config errors

Browse Source 
- Remove unsupported outputs_queue_capacity option
- Fix Container Drift Detection rule (remove undefined rename macro)
This commit is contained in:
Mayne0213
2026-01-01 23:20:39 +09:00
parent 765104bb4e
commit 5f197a607b
1 changed files with 1 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
falco/helm-values.yaml
View File

@@ -31,7 +31,6 @@ falco:
# Performance tuning # Performance tuning
buffered_outputs: true buffered_outputs: true
outputs_queue_capacity: 10000
# Rules configuration # Rules configuration
rules_files: rules_files:
@@ -73,7 +72,7 @@ customRules:
desc: Detect file modifications in containers desc: Detect file modifications in containers
condition: > condition: >
container and container and
(open_write or rename or remove) and open_write and
not proc.name in (apt, yum, dnf, apk, npm, pip) not proc.name in (apt, yum, dnf, apk, npm, pip)
output: > output: >
File modified in container File modified in container