Changelog
6b927a6 Revert: Disable WASM target (#1057)
c45a719 Add documentation for undocumented output options (#1056)
e6ecb4e Document new tracee-rules signatures (#1055)
97ac6ec Tracee end-to-end tests (#1033)
32c3e1c add postee in kubernetes install
9ffecdb tracee-ebpf: init event data once
fac8552 add footer to readme (#1050)
2276d7a Individual module git tags (#1034)
4382fd8 Add execution information flags to tracee-ebpf (#1041)
7e32ea7 chore(deploy): Add tolerations to K8s deployment descriptor (#1040)
72972b0 Improve error message of being unable to find kernel headers (#1046)
fccbca3 add bunch of k8s related signatures (#1031)
c8b18f5 fix(tracee-rules): Ignore order of elements in engine_test.go (#1042)
396ed0e tracee-ebpf: add exit code to sched_process_exit
968b07f tracee-ebpf: always delete from maps on exit
bbc6c44 tracee-ebpf: update exec maps in sched_process_exec
90eebe9 tracee-ebpf: remove save_args_from_regs
939e418 tracee-ebpf: init context once
97f87c1 tracee-ebpf: add support for unix socket in security_socket_* funcs
a23f325 tracee-ebpf: simplify saving to buf (#1016)
e55abba improve kubernetes docs (#1028)
e9c0165 tracee-rules: Upgrade external package dependency (#1024)
f010325 tracee-rules: Bump up github.com/open-policy-agent/opa from v0.32.0 to v0.32.1 (#1025)
86de9c5 Set TINI_SUBREAPER env variable in dockerfile (#1021)
07969fa tracee-rules: Remove duplicated code for testing Rego signatures (#1020)
91dc323 tracee-ebpf: remove events pipeline (#1018)
71f266e chore: Add Vagrantfile to easily get started with tracee (#1017)
08cab83 tracee-ebpf: don't send argument type
1629071 tracee-rules: Allow compiling and evaluating all Rego signatures at once (#1015)
d685991 tracee-ebpf: show pathname on execve failed event
43581a4 Created new set of events IDs for user-mode events (#1013)
832d64a parse security_bpf cmd arg
41020e5 tracee-rules(test): rewrite tests for RegoSignature (#1007)
c3f9b36 tracee-ebpf: use argument index instead of tags
de793fe update docs
8856e75 Fix misspelled warning messages
d17a715 kconfig: only show non-fatal errors if debug flag is set
9d0792f libbpfgo: bump to 64a32fa because of helpers/kernel_config
11f1614 tracee/consts: CUSTOM_OPTION_START rename
6052623 docs/tracee-ebpf/override-os-needed-files: os files overrides
d285528 tracee: deal with possible kconfig option index error
8fee4eb add argument 'type' to security_kernel_read_file event (#998)
4904506 tracee-ebpf: move filters logic to a new file
b721b7d Fixed inconsistency in processes containerID value between startup and runtime
0ada16e tracee-ebpf: add sched_switch event
11e8451 Check os-release file for rhel or centos string (#1001)
cd26d25 Fix readlink
with relative softlinks
b608d60 feat: Add flag for Rego Target runtime (#980)
dcc153e change install/prerequisites relative path (#997)
65238c4 tracee-rules: add flag for partial evaluation (#979)
b475949 feat: Add flag for prepared events (#984)
ce65764 Add replace directive back (#992)
Docker images
docker pull docker.io/aquasec/tracee:latest
docker pull docker.io/aquasec/tracee:0.6.2
docker pull docker.io/aquasec/tracee:slim
docker pull docker.io/aquasec/tracee:slim-0.6.2