Changelog
e5f25a7ce93f366778d58f78ef749ad603f281de fix release
24ea252c323f958e8776e70367b51b4e9bc4d783 fix docker image contains glibc artifacts
1b9c59fde755c6e0179071d53e2adbe469d332ea fix release to fetch submodules
6c2b2e5b6143e5ebd1c4235b916f87dfde707994 fix dependency resolution in tracee-rules
0575cb7b157d101d4ed01a95a5ca0978330f3b7c Revert "fix release as monorepo"
ef7e96ace8592fe6eb2333008391f0bfb9b6ce8e update import paths after restructure
f1f841daefca9bb4acf0a7ee6d1c9405c104c77a remove code injection sig from go
b4501be6552cb982824b170e84b5109053cb68ce Fix stdio over socket (#552)
a7c47e96da0ff4373ad818978da4dd2178d2bf15 fix release as monorepo
a750666805849c14bc64094494d363a27e32c864 tracee-ebpf: add switch_task_ns event
c92b5c551495a3eeffc7249acbbfa8b4f0ce72ac fix match for non af_inet sockets
5b2a740b8d4a0487478b67853f853171b9347952 Add signatures (#528)
3fcee47b02d9b7ed1cfb5c6565815f541e04afcd update entrypoint to use security-alerts
6ea5773ba30e84694894b95f1d51691d2b5e2ad7 tracee-ebpf: Add commit_creds event
4bd2e3cd1cf32411526f2869d91e38e0fc37a6c7 fix make release didn't build slim image
c34c10f390fc611406e6f8f5f7362c7869b50198 fix: trace-ebpf: Fix typo in clang option (#526)
f0604fba5474e8a4995bc057e785792e20dc19df Merge pull request #525 from grantseltzer/list-flag-output-fix
b1bf684f55054dd241fc9c364d26528f76d3d6f9 fix: Move example sigs into own dir and exclude from build. (#523)
fc534300281f1ca60498cf49b196825432054e07 add tracee container
4255857da3a8ca9c8202b537cd4612725bedf51d fix makefile
6d632e3c8582d5cccd799b5ac32c6cb4aa68daa2 add option to make bpf from root
f474f44066e4f012dba8bf07d9f5c67e7cd56ebe Merge pull request #518 from grantseltzer/input-source-unit-tests
2e827a37b8bff5cc5e5cc01b08a71b6d5c9ffabc Fix: rename signatures and add spacing to printing of them with --list flag
a5e8040018c18a4345621d87436dfbb8affc1ef5 start of unit tests for input source setup functions
f41c794d8ce23b180ac22be0a30dfc4c28a2880e fix webhook panic when server returns error
b54cfda365ec79c444a18ea16d5e68cf2fa64e52 Merge pull request #500 from grantseltzer/gs/print-help-tracee-rules
dbc56af61a0c1fccca6b42fc5c09676973484c51 Update readme, fix default logic
8645c0a1ca0a965d06e7988454f450d717dc09ba Update tracee-rules/input.go
86c09583560df3f0e2785602bffc19184b81e4c1 fix: Address a few typos
4d43dc1187154939297c20efc72540229f0aecc0 rename tracee input parsing functions
eb8f7dbacd55950df69478283376fdb703552967 rename help error
48bd0d32299b4b07e3102a4c87a0f016bac49bf9 Remove more references to EOT, set default values for tracee input (gob from stdin)
696053a35f9c9d4570209385facb48d722308a50 Close on EOF, not on EOT
b2756e5dbcbe713b44fa04a68be52ec1aa025a0a remove the eof/eot option
311e42378d8bac1df0c39803b3c44e8812a2b504 adress feedback about help being displayed
effd1f6ca2862518b9b9537e0c53ddef7ae5128b Remove old flags
9829d2b6719ee61b349d10cfa7a119c5c59d7cdd add minimal unit tests
8cc046fcc0e11c45ee92cb978f985985a6aa86a6 add invalid input checks
0e5c733cedfdd6422613643169c2a3c38a88627f Refactor flags in tracee-rules
3590ef06f32af21d7cdc7b318712ac041a772e5d feat: Add tests for core engine functionality (#477)
8e4e7b35902bb17ad2df1071cbf14f9a9c27257a Merge pull request #510 from aquasecurity/remove-eot-tracee-ebpf
0e61c188eb0b2bb99d3e957f5d1e38baa0eb8796 Update contributing guidelines (aka team agreements)
9deb2cea3c9002d5537a4537b8a488b686d4adcb Remove the notion of an EOT event signalling end of transmision
da310b07bbc71705b1c12c2e6ccb6cb19a5cbf33 refactor: tracee-rules use types from tracee-ebpf
775ac46c8cb5e5b708af39ef1a02a2ad4bc0d385 rename tracee execuable to tracee-ebpf
17d840f899562a047c33b2eae9370061978a37e1 feat: add root level Makefile for release
5ac1db482a097a14b39ae9e552242f62473c2d62 feat: mostlyclean target
b04facc55a4ac4995f71eaf7d0bd8f619f64835d fix: improve makefile targets
a95d52dd2b338446b5a2cf040c1dfb79b2c3d3fe fix: don't send context when building builder
062c7b15b989da6ec27b3a9097be14f4ca701ef9 fix: docker builder file creation and cleanup
d931f21bc3315ce2ebfb0dcbc4d297e030812514 fix: make in docker without git
02900d92b91ca3ea77193c5333252a76a53e6740 fix: make in docker ignoring target
d28d4cca4ad20852b5fc392ec37ab31a51fc01ed feat: convert anti_debugging sig to rego
5905ce4fa267a0069b1b70402cf8364a3f9a640e feat: add rego tests
febd3de75f5522938e08e155e70e8154ffe4c8e1 lint: Address a few idiomatic Go improvements (#427)
4fdcba8ad7ad51f7bff77faed1add657ecbbf2fa Merge pull request #449 from aquasecurity/traceprint
dd1dbb15074cd47bbcdf143d73ba3cee303e6af8 Add tracee-rules pr workflow
a3d574896bc4c547535d6467842d8190e532cd31 Fix tracee-rules build
c43b1c3394ec639bb0ea71ef69ef75d27fe522a0 Restructure repo as monorepo (#459)
57797050702a3dba5c816f343122ce1c8bcbc2da fix: allow reading from stdin
5fc24f000b3ae93abcf7c7576e478ee73995077a docs: add tracee-rules readme
bb3d227392fa5ab9306dbaab64e01440c995792d fix sigs building
e6b431e7147301f3de301e3c8a3f15b0d5b92d35 fix regosig numeral handling
86c815c5ea0385247c705e4fb51757cb35997ded rego optimizations
07aa51f8335cb5cd9dcebed4995dee14be7a2d30 add support for rego signatures
9a8c83602df1a6e47b6dff8a7e0c75c6fd859dd2 simplify finding data
4025eff51bb490ad52f36c8699ca46b81050940d add code injection signature
de77008dc253e292221d1f63f4aa0560f203d5b6 add anti debugging signature and sigs tests infra
e12b1ce274796f1c3ad07a8aae93b70404d6c8be improve signature error handling
56fa8977f55922307c97cdcd1b4463dd965b929f tracee-rules rewrite
8841bc018318489e03241a9c848933375ccb965d Rule engine initial commit
1d879fc587151b76720bb6c2a033982675ae7ad5 write errors to stderr, and close file
4d721af558196cd03dc7ecb41ac316790e6da508 feat: add TracePrint to libbpfgo
a87426a702aa1b69d38dbe1f96b8179f38471ea5 fix: default output format
fbdf5a6f72e60bb6ead7b8b2612c4e5358065d44 fix: written files index relative to out dir
871c1db8bd2d3586130b1247336727f40dd8d390 Add pin, unpin and setpin for maps in libbpfgo (#437)
Docker images
docker pull docker.io/aquasec/tracee:latest
docker pull docker.io/aquasec/tracee:0.5.0-pre2
docker pull docker.io/aquasec/tracee:slim
docker pull docker.io/aquasec/tracee:slim-0.5.0-pre2