參考資訊:
https://falco.org/blog/choosing-a-driver/
https://falco.org/docs/getting-started/installation/
步驟如下:
$ curl -fsSL https://falco.org/repo/falcosecurity-packages.asc | sudo gpg --dearmor -o /usr/share/keyrings/falco-archive-keyring.gpg
$ sudo vim /etc/apt/sources.list.d/falcosecurity.list
deb [signed-by=/usr/share/keyrings/falco-archive-keyring.gpg] https://download.falco.org/packages/deb stable main
$ sudo apt-get update -y
$ sudo apt install -y dkms make linux-headers-$(uname -r)
$ sudo apt install -y clang llvm
$ sudo apt install -y dialog
$ sudo apt-get install -y falco
$ falco --version
Fri Jun 2 08:45:59 2023: Falco version: 0.34.1 (x86_64)
Fri Jun 2 08:45:59 2023: Falco initialized with configuration file: /etc/falco/falco.yaml
Falco version: 0.34.1
Libs version: 0.10.4
Plugin API: 2.0.0
Engine: 16
Driver:
API version: 3.0.0
Schema version: 2.0.0
Default driver: 4.0.0+driver