Changelog
bcf7153 helpers/btfinfo: renamed to osinfo and improved, syncing (#981)
dfdb5d6 tracee-ebpf: move prepare_args() to argprinters file
e2f9f1b tracee-ebpf: add sched_process_exec to default set
b55da80 Use filepath.WalkDir() to scan for signatures (#901)
90b7530 fix json unmarshaling nil
f9b4394 tracee-rules: add GetSelectedEvents
aad4c95 tracee-ebpf: fix process tree disabled
9d588c9 Implement process tree filter (#927)
e438abe Feature/fetch system info (#945)
7910a97 feat: Bump OPA to v0.32.0 (#978)
d4cdac0 tracee: move MissingKernelConfigOptions to libbpfgo helper
1aac441 tracee-ebpf: update to latestl libbpfgo due to kconfig changes
dd77f56 tracee-ebpf: fix sched_process_fork arg names
dcb26c2 add mknod lsm hooks (#970)
c02ae01 tracee-ebpf: simplify events pipeline
f184b9e handle param type int[2] (#969)
a4bac29 tracee-ebpf: mitigate deadcode optimization issue for 5.4 and less
b4181ca tracee-ebpf: linting: spellcheck, empty chars & statements
3f412c5 tracee-ebpf: fix sched_process_exec argument types
0177dae tracee-ebpf: add capture profile documentation
7f98f9b fix incorrect cli flags in docs example
5c85d2a tracee-ebpf: don't send stats in done channel
c81d975 fix unmarshaling of string arrays
c261897 tracee-ebpf: fix build error after libbpfgo linting fixes
5cfba33 tracee-ebpf: move printer to main package
1514fb5 tracee-ebpf: fix network capture with latest libbpf
4584f75 tracee-ebpf: add static build support for portability
b0eba9e tracee-ebpf: use replace for the external package (#949)
a3c2d51 tracee-rules: update dependency Masterminds/sprig (#938)
b644fe8 tracee-rules: refactor non used code (#939)
61dfcd8 tracee-ebpf: add stats to external
fef7e8a tracee-ebpf: support network capture from multiple interfaces
c1ce717 tracee-ebpf: remove gob printer errEnc
5627299 tracee-ebpf: fix error printing to be always text
05daef9 tracee-ebpf: fix gob test (#941)
ce2b75e tracee-ebpf: restructure and split files
5a0eb2d tracee-ebpf: improve Containers object
5032dc4 tracee.go: initialize pid_to_cont_id_map during startup
e176bdc tracee: support external BTF files
7380f08 tracee-ebpf: update to libbpfgo with initial btfinfo
b700761 tracee-ebpf: Change libbpfgo map methods to new prototype
ed0f4a2 tracee-ebpf: update libbpf to sync with libbpfgo
25ffccd tracee-ebpf: update to libbpfgo v0.2.0-libbpf_0.4.0
5ae1610 tracee-ebpf: add syscall_nr to security_file_open
a3e048b tracee-ebpf: fix get syscall id from regs
3baa952 tracee-ebpf: fix regression - program too large in kernel 4.19
8a43404 tracee-rules: fix rego signature loading
cbc56c9 add flags support for make test (#879)
329154e tracee-ebpf: add --output ignore (#882)
4ad02de tracee-ebpf: print help for invalid arguments
2bae871 tracee-ebpf: remove '--capture all'
8462b71 tracee-ebpf: don't filter security_file_open for open/openat
9cd6bb5 tracee-ebpf: don't send zero-sized chunks
e277be2 tracee-ebpf: simplify save_xxx_to_buf logic
ceece80 tracee-rules: improve error logging
0770dc4 add close on fileread finish
ad2596a remove unneeded var
1bc09c3 change invoked_from_kernel detection method
fb605fe Fix CO:RE support for RHEL and RHEL derivatives
cb836e1 fix rule name partially cropped in error message (#867)
82a1289 tracee-ebpf: add support to custom rego helpers
147f6de tracee-ebpf: fix capabilities minimum requirements
9f917a1 tracee-ebpf: turn MAX_PATH_COMPONENTS down to 48 (#889)
282bcbd tracee-ebpf: fix help flag to print to stdout
26a9eb2 tracee: add tini tracee docker image (#883)
aee7e8f tracee-ebpf: add output validate test (#881)
76a932f tracee-rules: enable pprof endpoints (#860)
3bca7ea tracee-ebpf: improve argprinters test coverage (#877)
f641d42 tracee-rules: fix minimum requirements link
5ce9ff4 tracee-ebpf: refactor to avoid two strings.Split (#859)
4c99a2a Change quickstart one liner to just make note of mounting config
Docker images
docker pull docker.io/aquasec/tracee:latestdocker pull docker.io/aquasec/tracee:0.6.1docker pull docker.io/aquasec/tracee:slimdocker pull docker.io/aquasec/tracee:slim-0.6.1