Skip to content

Configure the fields exported by events produced for Runtime Threat Detection ( node-agent) #488

New issue
New issue
Open
Open
Configure the fields exported by events produced for Runtime Threat Detection ( node-agent)#488
Assignees
slashben
@henrikrexed

Description

@henrikrexed
henrikrexed
opened on Feb 17, 2025

Overview

Currently the event produced by the Runtime Threat Detection provides lots of details with the k8s metadata, the process details...And more.

Problem

When collecting the logs to a o11ybackend the default size of the strings are limited. Therefore the data is cropped .
All this details consumes bytes exchanged between cloud provider ..and will end up increasing the cloud cost.

Solution

Having an option to configure a list of fields that we would like to export from the event will allow users to decide on the type of details they would like to export. this is a feature that tetragon provides to control the size of the events produced : https://tetragon.io/docs/concepts/events/#export-filtering

Alternatives

Create a Otel collector pipeline that filter the data out.

Activity

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Metadata

Assignees

Labels

No labels
No labels

Type

No type

Projects

Kubescaping

  • Status

    Feature

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions