Usage notes and release notes for ack-advanced-audit - Container Service for Kubernetes

ack-advanced-audit is a key component for auditing operations inside containers. This topic describes the ack-advanced-audit component, its usage, and its release notes.

Introduction

The ack-advanced-audit component is based on the open source project Falco. It uses the extended Berkeley Packet Filter (eBPF) feature of the kernel to audit system calls within containers. This lets you audit commands that organization members or applications run after they access a container.

Usage

For more information about how to use ack-advanced-audit and its limitations, see Use the container operation audit feature.

Release notes

September 2025

Version	Image address	Changes	Modification Time	Impact
0.8.1	registry-cn-hangzhou-vpc.ack.aliyuncs.com/acs/ack-advanced-audit:0.8.1	Added support for the ContainerOS 3.5 operating system. Upgraded the Go version used by the component to 1.24.6 to improve component stability.	September 9, 2025	If the component is abnormal, `kubectl exec` commands may fail.

May 2025

Version	Image address	Changes	Modification time	Impact
0.7.0	registry-cn-hangzhou-vpc.ack.aliyuncs.com/acs/ack-advanced-audit:v0.7.0.0-g2f5da32d-aliyun	Added support for containerd 2.0. Upgraded the Go version used by the component to 1.24.3 to improve component stability.	May 26, 2025	If the component is abnormal, `kubectl exec` commands may fail.

October 2024

Version	Image address	Changes	Modification Time	Impact
0.6.0	registry-cn-hangzhou-vpc.ack.aliyuncs.com/acs/ack-advanced-audit:v0.6.0.0-g05b523f-aliyun	Optimized support for the ContainerOS operating system.	October 30, 2024	If the component is abnormal, `kubectl exec` commands may fail.
0.5.1	registry-cn-hangzhou-vpc.ack.aliyuncs.com/acs/ack-advanced-audit:v0.5.1.0-ga51258d-aliyun	Optimized support for the Alibaba Cloud Linux 3.2104 U10 operating system.	October 17, 2024	If the component is abnormal, `kubectl exec` commands may fail.

August 2024

Version	Image address	Changes	Modification Time	Impact
0.5.0	registry-cn-hangzhou-vpc.ack.aliyuncs.com/acs/ack-advanced-audit:v0.5.0.0-g18d101a-aliyun	Optimized the memory usage of the program. Optimized support for the Alibaba Cloud Linux 3.2104 U9.1 operating system.	August 23, 2024	If the component is abnormal, `kubectl exec` commands may fail.

July 2024

Version	Image address	Changes	Modification Time	Impact
0.4.0	registry-cn-hangzhou-vpc.ack.aliyuncs.com/acs/ack-advanced-audit:v0.4.0.0-g9a46887-aliyun	Optimized support for the Ubuntu operating system.	July 31, 2024	If the component is abnormal, `kubectl exec` commands may fail.

September 2023

Version	Image address	Changes	Release date	Impact
0.3.0	registry-cn-hangzhou-vpc.ack.aliyuncs.com/acs/ack-advanced-audit:v0.3.0.21-ge1fbf04-aliyun	Optimized the performance of the program. Optimized support for the Alibaba Cloud Linux 3.8 operating system.	September 11, 2023	If the component is abnormal, `kubectl exec` commands may fail.

April 2023

Version	Image address	Changes	Release date	Impact
0.2.0	registry-cn-hangzhou-vpc.ack.aliyuncs.com/acs/ack-advanced-audit:v0.2.0.0-g052ee2b-aliyun	Added support for Kubernetes 1.26.	April 13, 2023	If the component is abnormal, `kubectl exec` commands may fail.

February 2023

Version	Image address	Changes	Modification Time	Impact
0.1.0	registry-cn-hangzhou-vpc.ack.aliyuncs.com/acs/ack-advanced-audit:v0.1.1.47-gcd1dd3d-aliyun	Enabled the feature of auditing operations inside containers.	February 7, 2023	Initial release.