Barun Acharya
Barun Acharya
Hey @anonymousr007 and @MayankMittal1, Glad to see y'all interested to working on this. As I mentioned in the earlier comment, I would suggest going through [CONTRIBUTING.md](https://github.com/kubearmor/KubeArmor/blob/main/CONTRIBUTING.md) for ways to get...
Just noting and referencing some additional changes I did to existing CRDs for kArmor here, So if possible _maybe_ can be taken into consideration here since the PR still seems...
LGTM. Can you share a sample telemtry event? Thanks
We support blocking Syscalls?
> For System calls monitoring, we only support audit mode no matter what the action is set to. But we only did audit?
Then why do you have a Permission denied alert? 😅
Okay. Makes sense. But the ptrace observer we adding. Shouldn't it show up with `Operation: Syscall`? provided ptrace is allowed.
Okay, then can you apply a sample policy and share the relevant telemetry event for the same?
> currently we are not auditing ptrace syscall [Audit Syscalls](https://github.com/kubearmor/KubeArmor/blob/main/KubeArmor/monitor/syscallParser.go#L773) Is this added here? Changes to audit ptrace?