Container Service for Kubernetes:ack-advanced-audit - Container Service for Kubernetes

ack-advanced-audit audits system calls for operations inside containers. This topic describes the component and provides its changelog.

Overview

ack-advanced-audit is based on the open source project Falco and uses the kernel's extended Berkeley Packet Filter (eBPF) feature to audit system calls made inside containers. With this component, you can track commands run by team members or applications within a container.

Usage notes

For usage instructions and limitations, see Use the in-container operation audit feature.

Changelog

Important

An abnormal component may cause kubectl exec operations to fail.

January 2026

Version	Registry address	Changes	Date	Impact
0.9.0	registry-cn-hangzhou-vpc.ack.aliyuncs.com/acs/ack-advanced-audit:0.9.0	Added support for Alibaba Cloud Linux 4. Upgraded the Go version to 1.25.6 to improve component stability.	January 21, 2026	An abnormal component may cause the `kubectl exec` operation to fail.
0.8.2	registry-cn-hangzhou-vpc.ack.aliyuncs.com/acs/ack-advanced-audit:0.8.2	Upgraded the Go version to 1.25.5 to improve component stability.	January 08, 2026	An abnormal component may cause the `kubectl exec` operation to fail.

September 2025

Version	Registry address	Changes	Date	Impact
0.8.1	registry-cn-hangzhou-vpc.ack.aliyuncs.com/acs/ack-advanced-audit:0.8.1	Added support for ContainerOS 3.5. Upgraded the Go version to 1.24.6 to improve component stability.	September 09, 2025	An abnormal component may cause the `kubectl exec` operation to fail.

May 2025

Version	Registry address	Changes	Date	Impact
0.7.0	registry-cn-hangzhou-vpc.ack.aliyuncs.com/acs/ack-advanced-audit:v0.7.0.0-g2f5da32d-aliyun	Added support for containerd 2.0. Upgraded the Go version to 1.24.3 to improve component stability.	May 26, 2025	An abnormal component may cause the `kubectl exec` operation to fail.

October 2024

Version	Registry address	Changes	Date	Impact
0.6.0	registry-cn-hangzhou-vpc.ack.aliyuncs.com/acs/ack-advanced-audit:v0.6.0.0-g05b523f-aliyun	Optimized support for ContainerOS.	October 30, 2024	An abnormal component may cause the `kubectl exec` operation to fail.
0.5.1	registry-cn-hangzhou-vpc.ack.aliyuncs.com/acs/ack-advanced-audit:v0.5.1.0-ga51258d-aliyun	Optimized support for Alibaba Cloud Linux 3.2104 U10.	October 17, 2024	An abnormal component may cause the `kubectl exec` operation to fail.

August 2024

Version	Registry address	Changes	Date	Impact
0.5.0	registry-cn-hangzhou-vpc.ack.aliyuncs.com/acs/ack-advanced-audit:v0.5.0.0-g18d101a-aliyun	Optimized memory usage. Optimized support for Alibaba Cloud Linux 3.2104 U9.1.	August 23, 2024	An abnormal component may cause the `kubectl exec` operation to fail.

July 2024

Version	Registry address	Changes	Date	Impact
0.4.0	registry-cn-hangzhou-vpc.ack.aliyuncs.com/acs/ack-advanced-audit:v0.4.0.0-g9a46887-aliyun	Optimized support for Ubuntu.	July 31, 2024	An abnormal component may cause the `kubectl exec` operation to fail.

September 2023

Version	Registry address	Changes	Date	Impact
0.3.0	registry-cn-hangzhou-vpc.ack.aliyuncs.com/acs/ack-advanced-audit:v0.3.0.21-ge1fbf04-aliyun	Optimized program performance. Optimized support for Alibaba Cloud Linux 3.8.	September 11, 2023	An abnormal component may cause the `kubectl exec` operation to fail.

April 2023

Version	Registry address	Changes	Date	Impact
0.2.0	registry-cn-hangzhou-vpc.ack.aliyuncs.com/acs/ack-advanced-audit:v0.2.0.0-g052ee2b-aliyun	Added support for Kubernetes 1.26.	April 13, 2023	An abnormal component may cause the `kubectl exec` operation to fail.

February 2023

Version	Registry address	Changes	Date	Impact
0.1.0	registry-cn-hangzhou-vpc.ack.aliyuncs.com/acs/ack-advanced-audit:v0.1.1.47-gcd1dd3d-aliyun	Implemented the in-container operation audit feature.	February 07, 2023	Initial release.