diff --git a/docs/content/en/docs/concepts/events/json-events.md b/docs/content/en/docs/concepts/events/json-events.md index cbb36127ef7..122683fc482 100644 --- a/docs/content/en/docs/concepts/events/json-events.md +++ b/docs/content/en/docs/concepts/events/json-events.md @@ -6,7 +6,7 @@ description: "Tetragon JSON events" --- After Tetragon and the [demo application is up and -running](/docs/getting-started/kubernetes-quickstart-guide/#deploy-the-demo-application) +running](/docs/getting-started/install-k8s/#deploy-demo-application) you can examine the security and observability events produced by Tetragon in different ways. diff --git a/docs/content/en/docs/getting-started/enforcement.md b/docs/content/en/docs/getting-started/enforcement.md index bfc23664888..cd17562554f 100644 --- a/docs/content/en/docs/getting-started/enforcement.md +++ b/docs/content/en/docs/getting-started/enforcement.md @@ -60,7 +60,7 @@ export SERVICECIDR=$(kubectl describe pod -n kube-system kube-apiserver-kind-con Then we can apply the egress cluster enforcement policy ```shell-session -wget http://github.com/cilium/tetragon/examples/quickstart/network_egress_cluster_enforce.yaml +wget https://raw.githubusercontent.com/cilium/tetragon/main/examples/quickstart/network_egress_cluster_enforce.yaml envsubst < network_egress_cluster_enforce.yaml | kubectl apply -n default -f - ``` @@ -107,7 +107,7 @@ devices and raw sockets application may attempt. The following extends the example from [File Access Monitoring]({{< ref "docs/getting-started/file-events" >}}) with enforcement to ensure sensitive files are not read. The policy used is the -[`file-monitoring-enforce.yaml`](https://github.com/cilium/tetragon/blob/main/examples/quickstart/file-monitoring-enforce.yaml) +[`file_monitoring_enforce.yaml`](https://github.com/cilium/tetragon/blob/main/examples/quickstart/file_monitoring_enforce.yaml) it can be reviewed and extended as needed. The only difference between the observation policy and the enforce policy is the addition of an action block to sigkill the application and return an error on the op. @@ -117,11 +117,11 @@ To apply the policy: {{< tabpane lang=shell-session >}} {{< tab Kubernetes >}} -kubectl delete -f http://github.com/cilium/tetragon/examples/quickstart/file_monitoring.yaml -kubectl apply -f http://github.com/cilium/tetragon/examples/quickstart/file_monitoring_enforce.yaml +kubectl delete -f https://raw.githubusercontent.com/cilium/tetragon/main/examples/quickstart/file_monitoring.yaml +kubectl apply -f https://raw.githubusercontent.com/cilium/tetragon/main/examples/quickstart/file_monitoring_enforce.yaml {{< /tab >}} {{< tab Docker >}} -wget http://github.com/cilium/tetragon/examples/quickstart/file-monitoring.yaml +wget https://raw.githubusercontent.com/cilium/tetragon/main/examples/quickstart/file_monitoring.yaml docker stop tetragon-container docker run --name tetragon-container --rm --pull always \ --pid=host --cgroupns=host --privileged \ diff --git a/docs/content/en/docs/getting-started/file-events.md b/docs/content/en/docs/getting-started/file-events.md index 2441f1a38df..b456a120eaf 100644 --- a/docs/content/en/docs/getting-started/file-events.md +++ b/docs/content/en/docs/getting-started/file-events.md @@ -12,7 +12,7 @@ remains low even on busy systems. The following extends the example from Execution Tracing with a policy to monitor sensitive files in Linux. The policy used is the -[`file-monitoring.yaml`](https://github.com/cilium/tetragon/blob/main/examples/quickstart/file-monitoring.yaml) +[`file_monitoring.yaml`](https://github.com/cilium/tetragon/blob/main/examples/quickstart/file_monitoring.yaml) it can be reviewed and extended as needed. Files monitored here serve as a good base set of files. @@ -23,10 +23,10 @@ on disk. {{< tabpane lang=shell-session >}} {{< tab Kubernetes >}} -kubectl apply -f http://github.com/cilium/tetragon/examples/quickstart/file-monitoring.yaml +kubectl apply -f https://raw.githubusercontent.com/cilium/tetragon/main/examples/quickstart/file_monitoring.yaml {{< /tab >}} {{< tab Docker >}} -wget http://github.com/cilium/tetragon/examples/quickstart/file-monitoring.yaml +wget https://raw.githubusercontent.com/cilium/tetragon/main/examples/quickstart/file_monitoring.yaml docker stop tetragon-container docker run --name tetragon-container --rm --pull always \ --pid=host --cgroupns=host --privileged \ diff --git a/docs/content/en/docs/getting-started/network.md b/docs/content/en/docs/getting-started/network.md index 1c3170f2c30..e6855131847 100644 --- a/docs/content/en/docs/getting-started/network.md +++ b/docs/content/en/docs/getting-started/network.md @@ -36,7 +36,7 @@ First we apply a policy that includes the `podCIDR` and `serviceIP` list as filters to avoid filter out cluster local traffic. To apply the policy: ```shell-session -wget http://github.com/cilium/tetragon/examples/quickstart/network_egress_cluster.yaml +wget https://raw.githubusercontent.com/cilium/tetragon/main/examples/quickstart/network_egress_cluster.yaml envsubst < network_egress_cluster.yaml | kubectl apply -f - ``` @@ -98,7 +98,7 @@ export SERVICECIDR="127.0.0.1/32" To create the policy, ```shell-session -wget http://github.com/cilium/tetragon/examples/quickstart/network_egress_cluster.yaml +wget https://raw.githubusercontent.com/cilium/tetragon/main/examples/quickstart/network_egress_cluster.yaml envsubst < network_egress_cluster.yaml > network_egress_cluster_subst.yaml ``` diff --git a/docs/content/en/docs/installation/package.md b/docs/content/en/docs/installation/package.md index 849a2df3a87..0b0ebcd1b5d 100644 --- a/docs/content/en/docs/installation/package.md +++ b/docs/content/en/docs/installation/package.md @@ -174,6 +174,6 @@ Tetragon also ships a gRPC client that can be used to receive events. ## What's next -See [Explore security observability events](/docs/concepts/tetragon-events/) +See [Explore security observability events](/docs/concepts/events/) to learn more about how to see the Tetragon events.