Channels
marpaia
3 years agonot in the way you’re asking for it, no. you’d have to run an instance of osqueryd in each vm to perform that kind of data collection.- n
nebi
3 years ago@marpaia please see my follow up reply for this, thank you marpaia
3 years agodepending on how you configure the namespaces, cgroups, etc. you may be able to identify pid groups or some other unique identifier for processes that are “containers”
but just note that “containers” don’t really exist at some level, they’re just really configured linux processes
View count: 2