All Products
Search
Document Center

Container Service for Kubernetes:ack-advanced-audit

Last Updated:Dec 12, 2023

ack-advanced-audit is a key component for auditing operations that are performed in containers. This topic introduces ack-advanced-audit, and describes the usage notes and release notes for ack-advanced-audit.

Table of contents

Introduction

ack-advanced-audit is developed based on open source Falco and uses extended Berkeley Packet Filter (eBPF) of the Linux kernel to enable auditing of operations that are performed in containers. This way, you can audit operations performed by organization members or applications in containers.

Usage notes

ack-advanced-audit supports only the Alibaba Cloud Linux operating system whose kernel version is later than 4.19.

Release notes

April 2023

Version

Image address

Description

Release date

Impact

0.2.0

registry-cn-hangzhou-vpc.ack.aliyuncs.com/acs/ack-advanced-audit:v0.2.0.0-g052ee2b-aliyun

This version is in canary release.

Kubernetes 1.26 is supported.

2023-04-13

The system may not respond to the kubectl exec command if ack-advanced-audit is in an abnormal state.

February 2023

Version

Image address

Description

Release date

Impact

0.1.0

registry-cn-hangzhou-vpc.ack.aliyuncs.com/acs/ack-advanced-audit:v0.1.1.47-gcd1dd3d-aliyun

Operations performed in containers can be audited.

2023-02-07

The first version.