All Products
Search

This Product

    Simple Log Service:Fields in Tetragon runtime logs

    Document Center

    Simple Log Service:Fields in Tetragon runtime logs

    Last Updated:Aug 12, 2024

    This topic describes the fields in the Tetragon-collected container runtime logs that are sent to a Logstore.

    Log field

    Description

    arguments

    The execution parameters.

    binary

    The executable file.

    call_name

    The name of the built-in function that is called by the eBPF program.

    cap

    The capabilities.

    cwd

    The current working directory.

    event_time

    The time when the event was generated.

    event_type

    The event type. Valid Values: process_kprobe and process_exec.

    exec_id

    The execution ID of the process.

    network

    • protocol: protocol

    • saddr: source IP address

    • sport: source port

    • daddr: destination IP address

    • dport: destination port

    network_bytes

    The network traffic. Unit: bytes.

    parent_exec_id

    The execution ID of the parent process.

    parent_process

    The information about the parent process.

    pid

    The ID of the process.

    pod

    • namespace

    • name

    • container

    • pod_labels

    • workload

    • workload_kind

    policy_name

    The name of the policy.