Quick Start Security for Falco
Coralogix Extension For Falco Includes:
Alerts - 5
Stay on top of Falco key performance metrics. Keep everyone in the know with integration with Slack, PagerDuty and more.
Error priority alert
This alert type aggregates all Falco alerts with error priority. Falco's error priority is triggered when a file write occurs inside the container or k8s pod. Refer to the rule, desc and source fields in the logs for more information about the relevant alert.
Impact: Depends on the type of granular alert. See more details in the log itself.
Mitigation: Depends on the type of granular alert. See more details in the log itself.
Warning priority alert
This alert type aggregates all Falco alerts with warning priority. Falco's warning priority rules are triggered when there is an unauthorized attempt to read sensitive files. Refer to the rule, desc and source fields in the logs for more information about the relevant alert.
Impact: Depends on the type of granular alert. See more details in the log itself.
Mitigation: Depends on the type of granular alert. See more details in the log itself.
Notice priority alert
This alert type aggregates all Falco alerts with notice priority. Falco's notice priority rule is triggered when it detects unexpected behavior, such as an unexpected shell spawn. Refer to the rule, desc and source fields in the logs for more information about the relevant alert.
Impact: Depends on the type of granular alert. See more details in the log itself.
Mitigation: Depends on the type of granular alert. See more details in the log itself.
Informational priority alert
This alert type aggregates all Falco alerts with informational priority. Falco's informational priority rule is triggered when a best practice is broken, such as when an unexpected privileged container with sensitive mounts is started. Refer to the rule, desc and source fields in the logs for more information about the relevant alert.
Impact: Depends on the type of granular alert. See more details in the log itself.
Mitigation: Depends on the type of granular alert. See more details in the log itself.
Critical priority alert
This alert type aggregates all Falco alerts with critical priority. Falco's critical priority is triggered when there is a container running error, when a virus or malware that can affect the container's functionality is detected in it, or when suspicious network activity is detected. Refer to the rule, desc and source fields in the logs for more information about the relevant alert.
Impact: Depends on the type of granular alert. See more details in the log itself.
Mitigation: Depends on the type of granular alert. See more details in the log itself.
Integration
Learn more about Coralogix's out-of-the-box integration with Falco in our documentation.