Comment by imcritic
1 month ago
Can this program do more than just observe and trace what happens?
Can one use it to set up some rule to suppress some of the syscalls sent to a specific process? Or alter them by some logic on the go?
1 month ago
Can this program do more than just observe and trace what happens?
Can one use it to set up some rule to suppress some of the syscalls sent to a specific process? Or alter them by some logic on the go?
It's currently only passive, but that'd be an interesting feature. In order for that to happen we'd have to add that functionality to https://github.com/falcosecurity/libs/ along with the necessary plumbing in the UI.