Bug#842306: ITP: falco -- Sysdig Falco is a behavioral activity monitor designed to detect anomalous activity in your applications

2024-01-17 Thread Petter Reinholdtsen


Just for the record, the latest edition of falco provides a "modern" ebpf
probe in the kernel that is provided inside the binary and no longer
requires a kernel module.  This allows the binary to work independent of
kernel version, as long as the kernel is new enough.  Not sure how new,
but the feature set required has been present in the Linux kernel
for some years now.

This makes it a lot easier to deploy falco on many hosts.

-- 
Happy hacking
Petter Reinholdtsen



Bug#842306: ITP: falco -- Sysdig Falco is a behavioral activity monitor designed to detect anomalous activity in your applications

2022-08-31 Thread Petter Reinholdtsen
[Petter Reinholdtsen]
> I have encountered some issues with the BPF build, which I assume are
> solvable too.

I found a solution and have published my git-buildpackage based repo
with the build rules as https://salsa.debian.org/pere/falco, in
case it can help the future maintainer of falco in Debian.  I lack the
capacity to maintain it by myself in Debian.

The current build sadly seems to download stuff from the Internet during
build.  No idea how to disable it, nor how much work it will be to get
any required dependencies packaged for Debian.

I guess the silence so far in the thread means no-one else is currently
interested in getting falco into Debian.

-- 
Happy hacking
Petter Reinholdtsen



Bug#842306: ITP: falco -- Sysdig Falco is a behavioral activity monitor designed to detect anomalous activity in your applications

2022-06-23 Thread Petter Reinholdtsen
[Petter Reinholdtsen]
> I tried building following the recipe listed on
> https://falco.org/docs/getting-started/source/, but the cmake
> file seems to reject the grpc libraries available.  Perhaps you have
> better luck?  Or are the grpc libraries in Debian too old?

I got the build working by installing a few more build dependencies.

I have encountered some issues with the BPF build, which I assume are
solvable too.

-- 
Happy hacking
Petter Reinholdtsen



Bug#842306: ITP: falco -- Sysdig Falco is a behavioral activity monitor designed to detect anomalous activity in your applications

2022-06-21 Thread Petter Reinholdtsen
What happened with the plan to package falco in Debian?

I tried building following the recipe listed on
https://falco.org/docs/getting-started/source/, but the cmake
file seems to reject the grpc libraries available.  Perhaps you have
better luck?  Or are the grpc libraries in Debian too old?

-- 
Happy hacking
Petter Reinholdtsen



Bug#842306: ITP: falco -- Sysdig Falco is a behavioral activity monitor designed to detect anomalous activity in your applications

2019-08-13 Thread Dean Hamstead

Falco now has its very own website https://falco.org/

And github https://github.com/falcosecurity/falco

+1 to getting this packaged


On Wed, 2 Nov 2016 12:42:22 +0100 Julien Rabier wrote:

> On 01 Nov. at 17:07, Evgeni Golov wrote:
> > Hi,
> >
> > On Mon, Oct 31, 2016 at 07:04:31PM +0100, Julien Rabier wrote:
> > > > Would you like to join Harlan and me in maintaining sysdig itself too?
> > >
> > > Yes, that would be great !
> >
> > You are "taziden-guest" on Alioth? And member of collab-maint?
> > Then there is nothing more to do than to say welcome :)
>
> Yes, that's me indeed !
> I will start working on it some time next week.
>
> Julien/taziden
>
>



Bug#842306: ITP: falco -- Sysdig Falco is a behavioral activity monitor designed to detect anomalous activity in your applications

2016-11-02 Thread Julien Rabier
On 01 Nov. at 17:07, Evgeni Golov wrote:
> Hi,
> 
> On Mon, Oct 31, 2016 at 07:04:31PM +0100, Julien Rabier wrote:
> > > Would you like to join Harlan and me in maintaining sysdig itself too?
> >
> > Yes, that would be great !
> 
> You are "taziden-guest" on Alioth? And member of collab-maint?
> Then there is nothing more to do than to say welcome :)

Yes, that's me indeed !
I will start working on it some time next week.

Julien/taziden



Bug#842306: ITP: falco -- Sysdig Falco is a behavioral activity monitor designed to detect anomalous activity in your applications

2016-11-01 Thread Evgeni Golov
Hi,

On Mon, Oct 31, 2016 at 07:04:31PM +0100, Julien Rabier wrote:
> > Would you like to join Harlan and me in maintaining sysdig itself too?
>
> Yes, that would be great !

You are "taziden-guest" on Alioth? And member of collab-maint?
Then there is nothing more to do than to say welcome :)

Regards
Evgeni



Bug#842306: ITP: falco -- Sysdig Falco is a behavioral activity monitor designed to detect anomalous activity in your applications

2016-10-31 Thread Julien Rabier
On 29 Oct. at 14:40, Evgeni Golov wrote:
> Would you like to join Harlan and me in maintaining sysdig itself too?

Hi Evgeni,

Yes, that would be great !

Julien



Bug#842306: ITP: falco -- Sysdig Falco is a behavioral activity monitor designed to detect anomalous activity in your applications

2016-10-29 Thread Evgeni Golov
Hi Julien,

On Thu, Oct 27, 2016 at 11:24:23PM +0200, Julien Rabier wrote:
> * Package name: falco
>   Version : 0.4.0
>   Upstream Author : Sysdig 
> * URL : http://www.sysdig.org/falco/
> * License : GPLv2
>   Programming Lang: C++, C
>   Description : Sysdig Falco is a behavioral activity monitor designed to
> detect anomalous activity in your applications.
> 
> Powered by sysdig’s system call capture infrastructure, falco lets you
> continuously monitor and detect container, application, host, and network
> activity... all in one place, from one source of data, with one set of rules.
> 
> I use Sysdig and Falco professionally and would like to package and maintain
> Falco in Debian.

Would you like to join Harlan and me in maintaining sysdig itself too?

Greets
Evgeni



Bug#842306: ITP: falco -- Sysdig Falco is a behavioral activity monitor designed to detect anomalous activity in your applications

2016-10-27 Thread Julien Rabier
Package: wnpp
Severity: wishlist
Owner: Julien Rabier 

* Package name: falco
  Version : 0.4.0
  Upstream Author : Sysdig 
* URL : http://www.sysdig.org/falco/
* License : GPLv2
  Programming Lang: C++, C
  Description : Sysdig Falco is a behavioral activity monitor designed to
detect anomalous activity in your applications.

Powered by sysdig’s system call capture infrastructure, falco lets you
continuously monitor and detect container, application, host, and network
activity... all in one place, from one source of data, with one set of rules.

I use Sysdig and Falco professionally and would like to package and maintain
Falco in Debian.