mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-11 05:34:55 +03:00
mukul975
c21af3347e
- Add scripts/agent.py and references/api-reference.md to all remaining skills - Update all 648 LICENSE files: copyright now reads 'Mahipal' - Add implementing-security-monitoring-with-datadog (new skill with full anatomy) - All 649 skills now have: SKILL.md, LICENSE, scripts/agent.py, references/api-reference.md
46 lines
957 B
Markdown
46 lines
957 B
Markdown
# API Reference: Cilium Tetragon Runtime Security
|
|
|
|
## TracingPolicy CRD
|
|
|
|
```yaml
|
|
apiVersion: cilium.io/v1alpha1
|
|
kind: TracingPolicy
|
|
metadata:
|
|
name: monitor-sensitive-files
|
|
spec:
|
|
kprobes:
|
|
- call: fd_install
|
|
args:
|
|
- index: 1
|
|
type: file
|
|
selectors:
|
|
- matchArgs:
|
|
- index: 1
|
|
operator: Prefix
|
|
values: ["/etc/shadow", "/etc/passwd"]
|
|
```
|
|
|
|
## Tetra CLI Commands
|
|
|
|
| Command | Description |
|
|
|---------|-------------|
|
|
| `tetra status` | Tetragon health |
|
|
| `tetra getevents` | Stream events |
|
|
| `tetra tracingpolicy list` | List policies |
|
|
|
|
## Event Types
|
|
|
|
| Type | Description |
|
|
|------|-------------|
|
|
| `process_exec` | Process execution |
|
|
| `process_exit` | Process termination |
|
|
| `process_kprobe` | Kernel probe trigger |
|
|
|
|
## Key Libraries
|
|
|
|
| Library | Use |
|
|
|---------|-----|
|
|
| `kubernetes` | K8s API client |
|
|
| `subprocess` | kubectl/tetra CLI |
|
|
| `grpc` | Tetragon gRPC API |
|