Execsnoop-K8s

Log all binary executions in Kubernetes.

Based on BPF program from iovisor/gobpf.

Development WIP.

Build

Install https://github.com/iovisor/bcc (INSTALL.md)
Build on host machine:
```
go build execsnoop.go
```
Dockerize
```
docker build -t execsnoop .
```

Run in Docker

sudo docker run --rm -it -v /lib:/lib -v /usr/src:/usr/src -v /var/run/docker.sock:/var/run/docker.sock --privileged execsnoop

Run in Kubernetes

TBD

Name		Name	Last commit message	Last commit date
Latest commit History 5 Commits
vendor		vendor
Dockerfile		Dockerfile
LICENSE		LICENSE
README.md		README.md
execsnoop.cc		execsnoop.cc
execsnoop.go		execsnoop.go
go.mod		go.mod
go.sum		go.sum

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

vendor

vendor

Dockerfile

Dockerfile

LICENSE

LICENSE

README.md

README.md

execsnoop.cc

execsnoop.cc

execsnoop.go

execsnoop.go

go.mod

go.mod

go.sum

go.sum

Repository files navigation

Execsnoop-K8s

Build

Run in Docker

Run in Kubernetes

About

Releases

Packages

Languages

License

nanorobocop/execsnoop-k8s

Folders and files

Latest commit

History

Repository files navigation

Execsnoop-K8s

Build

Run in Docker

Run in Kubernetes

About

Topics

Resources

License

Stars

Watchers

Forks

Languages