Skip to content

Runtime data collection for the StackRox Kubernetes Security Platform using eBPF

License

Notifications You must be signed in to change notification settings

stackrox/collector

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Stackrox Collector

GitHub Workflow Status (with branch) GitHub Workflow Status (with branch) GitHub GitHub tag (latest SemVer)

Welcome to the Stackrox Collector project documentation. Here you can learn more about idea behind the project, how to start guidelines, design overview and detailed references.

Collector is a component of Stackrox responsible for gathering runtime data. In a few words it is an agent that runs on every node under strict performance limitations and gathers the data via kernel modules or eBPF probes (the default collection mode nowadays). To implement eBPF probes and collect data, the project leverages the Falco libraries via a custom fork.

Useful links

Here are few links to get more details:

  1. How to start: If you want to contribute to the project, this is the best place to start. This section covers building and troubleshooting the project from scratch.

  2. Design overview: When your goal is to better understand how Collector works, and it's place in the grand scheme of things, you may want to look here.

  3. Troubleshooting: For common startup errors, ways of identifying and fixing them.

  4. Release Process: Having troubles with the release? Here we have a few tips for you.

  5. References: Contains a comprehensive list of configuration options for the project.