Thomas Labarussias
Thomas Labarussias
Hi, Can you tell us which version of OpenSearch you're using please, I'll try to reproduce the bug directly with Falcosidekick, to check if the issue is a bug at...
I didn't reproduced your issue with opensearch v1.2.4 and Falcosidekick locally: ``` 2022/07/19 18:26:32 [INFO] : Falco Sidekick version: devel 2022/07/19 18:26:32 [INFO] : Enabled Outputs : [Elasticsearch] 2022/07/19 18:26:32...
I was able to reproduce the issue with my [fake events generator](https://gist.github.com/Issif/8236641b072d4ef409a3ceac899fb02c). Here's the full error message: ``` 2022/07/20 12:01:55 [{"error":{"root_cause":[{"type":"mapper_parsing_exception","reason":"object mapping for [output_fields.ka.uri] tried to parse field [ka.uri] as...
I'm not a MacOS user, I can't verify by myself but here the procedure I got from various sources, it seems really common in Catalina : - presented with os...
A coworker sent me that : ``` sudo spctl --master-disable ``` Keep in mind it's a global parameter.
I confirm it works since v0.5.1. thank you both
Examples are optionnal, if you have a nice screenshot you can add it for sure
I'm waiting for the release of falco 0.33 and I'm approving your PR
@spyder-kyle can you rebase on master please
You're right, these fields are mandatory, what's your use case exactly? Even with them, the size of the payload is quite small and these fields are really useful for a...