Daniel Pacak

I think it's a good idea, but implementing it with GitHub may be tricky. We have enabled branch protection rule that **Require status checks to pass before merging PR**. However,...

Correct. No matter how many workflows we have, with or without exclusion rules, they are not respected by branch protection rules that you configure at GitHub repository level (under Settings...

It's interesting because I cannot reproduce it in the default Vagrant machine configured for the project, i.e. vagrant up && vagrant ssh && cd /vagrant However, I looking at builder/Makefile.tracee-make:177...

Have you considered using existing logging frameworks? For example, https://github.com/sirupsen/logrus or https://github.com/uber-go/zap. They are pretty common and somehow define log levels and structured message format (e.g. [JSON Lines](https://jsonlines.org)) so logs...

I think it make sense. Could you provide sample values for each header type? I'm not quite sure if I understood the difference between Origin and Source headers in particular.

Are you using the --debug flag by any chance? We've seen similar error when tracee-ebpf was run with --metrics or --debug flag that clutter the standard output. See for example...

Are you trying Tracee on Amazon EKS? Could you provide more details which version is it? I assume all cluster nodes are run on machines with 5.4.162-86.275.amzn2.x86_64 kernel.

I run a quick test on a similar EKS environment and it seems to work just fine:  I'm getting some webhook errors but it's because I haven't...

@brackend could you please format and share snippet of tracee.yaml that you updated? I cannot see what's the difference in setting the LIBBPFGO_OSRELEASE_FILE env in https://github.com/aquasecurity/tracee/blob/v0.7.0/deploy/kubernetes/tracee-postee/tracee.yaml#L26

> the ignorance of this security relevant issue and the lack of understanding of basic security concepts does not shed any good light on this project. > > meanwhile i've...