New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
wip: adding new event of copying content of sensitive files #99
base: main
Are you sure you want to change the base?
Conversation
Signed-off-by: h4l0gen <ks3913688@gmail.com>
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: h4l0gen The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Welcome @h4l0gen! It looks like this is your first PR to falcosecurity/event-generator 🎉 |
Hey maintainers, this is my first PR for the event-generator. I've created an event for the first time, so please review the PR and provide me with your valuable feedback. Thank you! |
/kind feature |
/area events |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry, but I can't find any "Download Sensitive File" rule: https://github.com/falcosecurity/rules/tree/main/rules
Each action must match a specific existing rule and have the same name
(I apologize because I know this convention is not documented).
So my question is: which rule is this event targeting? 🤔
@leogr , oh i wasn't aware of this
then this event doesn't belong to any specific rule. I just created it as per security concern. |
@leogr i came across this rule |
What type of PR is this?
/kind feature
Any specific area of the project related to this PR?
/area events
What this PR does / why we need it:
This PR is adding an event which will try to copy content of sensitive files to another destination.
Which issue(s) this PR fixes:
Fixes #96
Special notes for your reviewer: