Skip to content

Configure the fields exported by events produced for Runtime Threat Detection ( node-agent) #488

New issue
New issue
Open
Open
Configure the fields exported by events produced for Runtime Threat Detection ( node-agent)#488
Assignees
slashben
Labels
help wantedExtra attention is needed
@henrikrexed

Description

@henrikrexed
henrikrexed
opened on Feb 17, 2025

Overview

Currently the event produced by the Runtime Threat Detection provides lots of details with the k8s metadata, the process details...And more.

Problem

When collecting the logs to a o11ybackend the default size of the strings are limited. Therefore the data is cropped .
All this details consumes bytes exchanged between cloud provider ..and will end up increasing the cloud cost.

Solution

Having an option to configure a list of fields that we would like to export from the event will allow users to decide on the type of details they would like to export. this is a feature that tetragon provides to control the size of the events produced : https://tetragon.io/docs/concepts/events/#export-filtering

Alternatives

Create a Otel collector pipeline that filter the data out.

Metadata

Metadata

Assignees

Labels

help wantedExtra attention is needed

Type

No type

Projects

Kubescaping

Status

Feature

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions