Asking a question.
I don´t know if this is the right place to ask, but in StackFlow, despite my case having seven views, nobody answered yet
My problem is this:
I want to run a container a she¡l script (I´m using docker, but my final target is AWS Fargate). The script produces an output that I can send to stdout or syslog. The issue is that I can´t recover the output from triggering a Falco rule that its output is exactly the script output.
For more information, what I´m trying to achieve is this:
If I already have text files, with the files allowed to be in a directory and the SHA256 of each one of them. I want to know if the allowed files have appeared or disappeared or if the SHA 256 of one of them is not what I expected.
I was trying to log the script result to syslog, but so far, I don´t know how to consider syslog as a new input for Falco or which syscall I need to call in my script.
Can you help me, please?
toggle quoted message Show quoted text
Thanks for reaching out! I'm not sure I've fully understood your question, so I can't give an answer right now.
However, I'd suggest you to ask in our Slack channel:
On Wed, Dec 21, 2022, 01:24 Raul Rodriguez <raul.rodriguez@...> wrote:
|1 - 2 of 2|