docs: Add ancestors and ancestor filter information

Add information about ancestors, ancestor filter and ancestors related metrics to documentation.

Signed-off-by: t0x01 <[email protected]>

Author: t0x01

api/v1/README.md

@@ -166,8 +166,9 @@ flags, or environment variables.
 | `parent_arguments_regex` | Filter by the container ID in the process.docker field using RE2 regular expression syntax: https://github.com/google/re2/wiki/Syntax | 
 | `container_id` | Filter by parent process arguments using a list of regular expressions. You can find the full syntax [here](https://github.com/google/re2/wiki/Syntax). | 
 | `in_init_tree` | Filter containerized processes based on whether they are descendants of the container's init process. This can be used, for example, to watch for processes injected into a container via docker exec, kubectl exec, or similar mechanisms. | 
+| `ancestor_binary_regex` | Filter process events by a list of regular expressions of ancestor processes' binary names (e.g. `"^/home/kubernetes/bin/kubelet$"`). You can find the full syntax [here](https://github.com/google/re2/wiki/Syntax). | 
 
-#### Field Filtering 
+#### Field Filtering
 
 In some cases, it is not desirable to include all of the fields exported in
 Tetragon events by default. In these cases, you can use field filters to

docs/content/en/docs/concepts/events.md

@@ -16,6 +16,7 @@ debug: false
 disable-kprobe-multi: false
 enable-export-aggregation: false
 enable-k8s-api: false
+enable-process-ancestors: false
 enable-process-cred: false
 enable-process-ns: false
 event-queue-size: 10000