ack-advanced-audit is a key component for auditing operations that are performed in containers. This topic introduces ack-advanced-audit, and describes the usage notes and release notes for ack-advanced-audit.
Table of contents
Introduction
ack-advanced-audit is developed based on open source Flaco and uses extended Berkeley Packet Filter (eBPF) of the Linux kernel to enable auditing of operations that are performed in containers. This way, you can audit operations performed by organization members or applications in containers.
Usage notes
ack-advanced-audit supports only the Alibaba Cloud Linux operating system whose kernel version is later than 4.19.
Release notes
September 2023
Version | Image address | Description | Release date | Impact |
0.3.0 | registry-cn-hangzhou-vpc.ack.aliyuncs.com/acs/ack-advanced-audit:v0.3.0.21-ge1fbf04-aliyun |
| 2023-09-11 | The system may not respond to the kubectl exec command if ack-advanced-audit is in an abnormal state. |
April 2023
Version | Image address | Description | Release date | Impact |
0.2.0 | registry-cn-hangzhou-vpc.ack.aliyuncs.com/acs/ack-advanced-audit:v0.2.0.0-g052ee2b-aliyun | Kubernetes 1.26 is supported. | 2023-04-13 | The system may not respond to the kubectl exec command if ack-advanced-audit is in an abnormal state. |
February 2023
Version | Image address | Description | Release date | Impact |
0.1.0 | registry-cn-hangzhou-vpc.ack.aliyuncs.com/acs/ack-advanced-audit:v0.1.1.47-gcd1dd3d-aliyun | Operations performed in containers can be audited. | 2023-02-07 | The first version. |