Skip to content

nanorobocop/execsnoop-k8s

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Execsnoop-K8s

Log all binary executions in Kubernetes.

Based on BPF program from iovisor/gobpf.

Development WIP.

Build

  1. Install https://github.com/iovisor/bcc (INSTALL.md)

  2. Build on host machine:

    go build execsnoop.go
  3. Dockerize

    docker build -t execsnoop .

Run in Docker

sudo docker run --rm -it -v /lib:/lib -v /usr/src:/usr/src -v /var/run/docker.sock:/var/run/docker.sock --privileged execsnoop

Run in Kubernetes

TBD

Releases

No releases published

Packages

No packages published