tracker

package module

v0.0.1 Latest Latest Go to latest Published: Aug 14, 2023 License: Apache-2.0 Imports: 1 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

README ¶

Tracker: Runtime Security and Forensics using eBPF

Tracker uses eBPF technology to tap into your system and give you access to hundreds of events that help you understand how your system behaves. In addition to basic observability events about system activity, Tracker adds a collection of sophisticated security events that expose more advanced behavioral patterns. You can also easily add your own events using the popular Rego language. Tracker provides a rich filtering mechanism that allows you to eliminate noise and focus on specific workloads that matter most to you.

To learn more about Tracker, check out the documentation.

Quickstart

You can easily start experimenting with Tracker using the Docker image as follows:

docker run \
  --name tracker --rm -it \
  --pid=host --cgroupns=host --privileged \
  -v /etc/os-release:/etc/os-release-host:ro \
  -v /boot/config-$(uname -r):/boot/config-$(uname -r):ro \
  khulnasoft/tracker:$(uname -m)

To learn how to install Tracker in a production environment, check out the Kubernetes guide.

Tracker is an KhulnaSoft Security open source project.
Learn about our open source work and portfolio Here.
Join the community, and talk to us about any matter in GitHub Discussion or Slack.

Documentation ¶

Index ¶

Variables

Constants ¶

This section is empty.

Variables ¶

View Source

var RegoHelpersCode string

Functions ¶

This section is empty.

Types ¶

This section is empty.

Source Files ¶

View all Source files

embedded.go

Directories ¶

Path	Synopsis
api module
cmd
tracker
tracker-bench
tracker-ebpf
tracker-gptdocs
tracker-rules
tracker/cmd
pkg
bucketscache
bufferdecoder Package bufferdecoder implements simple translation between byte sequences and the user-defined structs.	Package bufferdecoder implements simple translation between byte sequences and the user-defined structs.
capabilities
cgroup
cmd
cmd/cobra
cmd/flags
cmd/flags/server
cmd/initialize
cmd/printer
cmd/urfave
config
containers
containers/runtime
counter
ebpf
ebpf/controlplane
ebpf/initialization
ebpf/probes
errfmt
events Invoked tracker-ebpf events from user mode	Invoked tracker-ebpf events from user mode
events/derive
events/parse
events/queue package queue defines the interface and and implementation of a queue for events storage.	package queue defines the interface and and implementation of a queue for events storage.
events/sorting Package sorting is responsible for sorting incoming events from the BPF programs chronologically.	Package sorting is responsible for sorting incoming events from the BPF programs chronologically.
events/trigger
filters
filters/sets
logger
metrics
mount
pcaps
policy
policy/v1beta1
server
signatures/benchmark/signature/golang
signatures/benchmark/signature/rego
signatures/benchmark/signature/wasm
signatures/celsig
signatures/celsig/wrapper
signatures/engine
signatures/metrics
signatures/rego
signatures/regosig
signatures/signature
utils
utils/environment
utils/proc
utils/sharedobjs
signatures
golang
golang/examples
helpers
signaturestest
tests
e2e-inst-signatures
e2e-net-signatures
integration
integration/syscaller/cmd
testutils
types module

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL