Читать книгу Cloud Native Security - Chris Binnie - Страница 33

Macros

Оглавление

Falco also employs the concept of using macros. The example that their documentation offers for a simple macro is as follows:

- macro: in_container condition: container.id != host and proc.name = sh

This example could be reused across multiple rules without having to explicitly rewrite it each time and offer significant time-savings.

Cloud Native Security

Подняться наверх