sysflow issues

Missing user and group information for domain users

1

**Indicate project** libsysflow **Describe the bug** The user name is not reported for domain users. **To reproduce** Steps to reproduce the behavior (on a Ubuntu 22): 1. Setup LDAP (used...

gentooise

bug

O_CREAT flag missing in File Flow OpenFlags

1

**Indicate project** libsysflow **Describe the bug** File Flows OpenFlags sometimes do not report O_CREAT (64) flag **To reproduce** Steps to reproduce the behavior: 1. Build and run sf-collector example 2....

dcarolloz

bug

Missing user and group information

1

**Indicate project** libsysflow **Describe the bug** User and group information are sometimes missing **To reproduce** Steps to reproduce the behavior: 1. Build and run sf-collector example 2. Add a user...

dcarolloz

bug

Add Kafka transport

**Indicate project** Processor **Overview** We want to enable Kafka transport in the SysFlow Processor, using our encoder/transport architecture as the base framework. **Tasks** - [x] Encoder - [ ] Add...

araujof

enhancement

sf-processor

Cut 0.6.1 release

## Scheduled to happen: 2024-01-31 ## Release PRs - [ ] [Collector: s390x support, libs0.13](https://github.com/sysflow-telemetry/sf-collector/pull/63) ## Action Items - [x] Pre-release: Prebuilt images - [x] Pre-release: [Milestones](https://github.com/orgs/sysflow-telemetry/projects/4) - [x] Pre-release:...

araujof

enhancement

release

execveat process events not reported on s390x architecture

**Indicate project** libsysflow **Describe the bug** Process events are not reported when using `execveat` syscall on `s390x` architecture (tested on `0.6.1-rc1`). **To reproduce** Steps to reproduce the behavior: 1. compile...

gentooise

bug

Upgrade to Falco Libs 0.14

**Description** Update libSysFlow to track Falco libs 0.14.

araujof

enhancement

sf-collector

libsysflow

Add multi-architecture build support to CIs

**Indicate project** collector, exporter, processor **Describe the feature you'd like** Modify the CI and builds to support multi-arch builds (amd64, arm64, s390x) via QEMU.

araujof

enhancement

sf-exporter

sf-collector

sf-processor

Document multi-language and multi data source support for rules engine

**Indicate project** processor **Describe the feature you'd like** Document processor's multi-language/source rules engine.

araujof

enhancement

sf-processor

Add Sigma rules support

1

**Indicate project** Processor **Overview** We want to enable Sigma rules evaluation in the SysFlow Processor, using our policy engine architecture as the base framework. **Tasks** - [x] Refactoring to enable...

araujof

enhancement

sf-processor

sysflow
sysflow copied to clipboard

Metadata

Missing user and group information for domain users

O_CREAT flag missing in File Flow OpenFlags

Missing user and group information

Add Kafka transport

Cut 0.6.1 release

execveat process events not reported on s390x architecture

Upgrade to Falco Libs 0.14

Add multi-architecture build support to CIs

Document multi-language and multi data source support for rules engine

Add Sigma rules support

← Metadata

Owner

Metadata

sysflow sysflow copied to clipboard

Metadata

← Metadata

Owner

Metadata

sysflow
sysflow copied to clipboard