Skip to content

Commit

Permalink
updated falco rules files
Browse files Browse the repository at this point in the history 
Signed-off-by: h4l0gen <[email protected]>
  • Loading branch information
@h4l0gen
h4l0gen committed Mar 22, 2024
1 parent 2fd2028 commit 1f2926e
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 2 deletions.
2 changes: 1 addition & 1 deletion rules/falco-deprecated_rules.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@
# Starting with version 8, the Falco engine supports exceptions.
# However the Falco rules file does not use them by default.

required_engine_version: '0.31.0'
- required_engine_version: '0.31.0'

# This macro `never_true` is used as placeholder for
# tuning negative logical sub-expressions, for example
Expand Down
2 changes: 1 addition & 1 deletion rules/falco_rules.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -344,7 +344,7 @@

- macro: splunk_running_forwarder
condition: >
(proc.pname=splunkd and proc.cmdline startswith "sh -c /opt/splunkforwarder")
(proc.pname=splunkd and proc.cmdline startswith "sh -c /opt/splunkforwarder")
- macro: perl_running_plesk
condition: >
Expand Down

0 comments on commit 1f2926e

Please sign in to comment.