Expand description
§Event types
This module is automatically generated from the Falco event schema. It provides strongly-typed
structs for each event type supported by Falco, as well as a types::AnyEvent enum that is capable
of containing an arbitrary event matching the schema.
Structs§
- PPME_
ASYNCEVENT_ E - PPME_
ASYNCEVENT_ X - PPME_
CONTAINER_ E - PPME_
CONTAINER_ JSON_ 2_ E - PPME_
CONTAINER_ JSON_ 2_ X - PPME_
CONTAINER_ JSON_ E - PPME_
CONTAINER_ JSON_ X - PPME_
CONTAINER_ X - PPME_
CPU_ HOTPLUG_ E - PPME_
CPU_ HOTPLUG_ X - PPME_
DROP_ E - PPME_
DROP_ X - PPME_
GENERIC_ E - PPME_
GENERIC_ X - PPME_
GROUP_ ADDED_ E - PPME_
GROUP_ ADDED_ X - PPME_
GROUP_ DELETED_ E - PPME_
GROUP_ DELETED_ X - PPME_
INFRASTRUCTURE_ EVENT_ E - PPME_
INFRASTRUCTURE_ EVENT_ X - PPME_
K8S_ E - PPME_
K8S_ X - PPME_
MESOS_ E - PPME_
MESOS_ X - PPME_
NOTIFICATION_ E - PPME_
NOTIFICATION_ X - PPME_
PAGE_ FAULT_ E - PPME_
PAGE_ FAULT_ X - PPME_
PLUGINEVENT_ E - PPME_
PLUGINEVENT_ X - PPME_
PROCEXIT_ 1_ E - PPME_
PROCEXIT_ 1_ X - PPME_
PROCEXIT_ E - PPME_
PROCEXIT_ X - PPME_
PROCINFO_ E - PPME_
PROCINFO_ X - PPME_
SCAPEVENT_ E - PPME_
SCAPEVENT_ X - PPME_
SCHEDSWITCH_ 1_ E - PPME_
SCHEDSWITCH_ 1_ X - PPME_
SCHEDSWITCH_ 6_ E - PPME_
SCHEDSWITCH_ 6_ X - PPME_
SIGNALDELIVER_ E - PPME_
SIGNALDELIVER_ X - PPME_
SOCKET_ ACCEP T4_ 5_ E - PPME_
SOCKET_ ACCEP T4_ 5_ X - PPME_
SOCKET_ ACCEP T4_ 6_ E - PPME_
SOCKET_ ACCEP T4_ 6_ X - PPME_
SOCKET_ ACCEP T4_ E - PPME_
SOCKET_ ACCEP T4_ X - PPME_
SOCKET_ ACCEPT_ 5_ E - PPME_
SOCKET_ ACCEPT_ 5_ X - PPME_
SOCKET_ ACCEPT_ E - PPME_
SOCKET_ ACCEPT_ X - PPME_
SOCKET_ BIND_ E - PPME_
SOCKET_ BIND_ X - PPME_
SOCKET_ CONNECT_ E - PPME_
SOCKET_ CONNECT_ X - PPME_
SOCKET_ GETPEERNAME_ E - PPME_
SOCKET_ GETPEERNAME_ X - PPME_
SOCKET_ GETSOCKNAME_ E - PPME_
SOCKET_ GETSOCKNAME_ X - PPME_
SOCKET_ GETSOCKOPT_ E - PPME_
SOCKET_ GETSOCKOPT_ X - PPME_
SOCKET_ LISTEN_ E - PPME_
SOCKET_ LISTEN_ X - PPME_
SOCKET_ RECVFROM_ E - PPME_
SOCKET_ RECVFROM_ X - PPME_
SOCKET_ RECVMMSG_ E - PPME_
SOCKET_ RECVMMSG_ X - PPME_
SOCKET_ RECVMSG_ E - PPME_
SOCKET_ RECVMSG_ X - PPME_
SOCKET_ RECV_ E - PPME_
SOCKET_ RECV_ X - PPME_
SOCKET_ SENDMMSG_ E - PPME_
SOCKET_ SENDMMSG_ X - PPME_
SOCKET_ SENDMSG_ E - PPME_
SOCKET_ SENDMSG_ X - PPME_
SOCKET_ SENDTO_ E - PPME_
SOCKET_ SENDTO_ X - PPME_
SOCKET_ SEND_ E - PPME_
SOCKET_ SEND_ X - PPME_
SOCKET_ SETSOCKOPT_ E - PPME_
SOCKET_ SETSOCKOPT_ X - PPME_
SOCKET_ SHUTDOWN_ E - PPME_
SOCKET_ SHUTDOWN_ X - PPME_
SOCKET_ SOCKETPAIR_ E - PPME_
SOCKET_ SOCKETPAIR_ X - PPME_
SOCKET_ SOCKET_ E - PPME_
SOCKET_ SOCKET_ X - PPME_
SYSCALL_ ACCESS_ E - PPME_
SYSCALL_ ACCESS_ X - PPME_
SYSCALL_ BPF_ 2_ E - PPME_
SYSCALL_ BPF_ 2_ X - PPME_
SYSCALL_ BPF_ E - PPME_
SYSCALL_ BPF_ X - PPME_
SYSCALL_ BRK_ 1_ E - PPME_
SYSCALL_ BRK_ 1_ X - PPME_
SYSCALL_ BRK_ 4_ E - PPME_
SYSCALL_ BRK_ 4_ X - PPME_
SYSCALL_ CAPSET_ E - PPME_
SYSCALL_ CAPSET_ X - PPME_
SYSCALL_ CHDIR_ E - PPME_
SYSCALL_ CHDIR_ X - PPME_
SYSCALL_ CHMOD_ E - PPME_
SYSCALL_ CHMOD_ X - PPME_
SYSCALL_ CHOWN_ E - PPME_
SYSCALL_ CHOWN_ X - PPME_
SYSCALL_ CHROOT_ E - PPME_
SYSCALL_ CHROOT_ X - PPME_
SYSCALL_ CLON E3_ E - PPME_
SYSCALL_ CLON E3_ X - PPME_
SYSCALL_ CLONE_ 11_ E - PPME_
SYSCALL_ CLONE_ 11_ X - PPME_
SYSCALL_ CLONE_ 16_ E - PPME_
SYSCALL_ CLONE_ 16_ X - PPME_
SYSCALL_ CLONE_ 17_ E - PPME_
SYSCALL_ CLONE_ 17_ X - PPME_
SYSCALL_ CLONE_ 20_ E - PPME_
SYSCALL_ CLONE_ 20_ X - PPME_
SYSCALL_ CLOSE_ E - PPME_
SYSCALL_ CLOSE_ X - PPME_
SYSCALL_ COPY_ FILE_ RANGE_ E - PPME_
SYSCALL_ COPY_ FILE_ RANGE_ X - PPME_
SYSCALL_ CREAT_ E - PPME_
SYSCALL_ CREAT_ X - PPME_
SYSCALL_ DELETE_ MODULE_ E - PPME_
SYSCALL_ DELETE_ MODULE_ X - PPME_
SYSCALL_ DUP2_ E - PPME_
SYSCALL_ DUP2_ X - PPME_
SYSCALL_ DUP3_ E - PPME_
SYSCALL_ DUP3_ X - PPME_
SYSCALL_ DUP_ 1_ E - PPME_
SYSCALL_ DUP_ 1_ X - PPME_
SYSCALL_ DUP_ E - PPME_
SYSCALL_ DUP_ X - PPME_
SYSCALL_ EPOLLWAIT_ E - PPME_
SYSCALL_ EPOLLWAIT_ X - PPME_
SYSCALL_ EPOLL_ CREAT E1_ E - PPME_
SYSCALL_ EPOLL_ CREAT E1_ X - PPME_
SYSCALL_ EPOLL_ CREATE_ E - PPME_
SYSCALL_ EPOLL_ CREATE_ X - PPME_
SYSCALL_ EVENTF D2_ E - PPME_
SYSCALL_ EVENTF D2_ X - PPME_
SYSCALL_ EVENTFD_ E - PPME_
SYSCALL_ EVENTFD_ X - PPME_
SYSCALL_ EXECVEAT_ E - PPME_
SYSCALL_ EXECVEAT_ X - PPME_
SYSCALL_ EXECVE_ 8_ E - PPME_
SYSCALL_ EXECVE_ 8_ X - PPME_
SYSCALL_ EXECVE_ 13_ E - PPME_
SYSCALL_ EXECVE_ 13_ X - PPME_
SYSCALL_ EXECVE_ 14_ E - PPME_
SYSCALL_ EXECVE_ 14_ X - PPME_
SYSCALL_ EXECVE_ 15_ E - PPME_
SYSCALL_ EXECVE_ 15_ X - PPME_
SYSCALL_ EXECVE_ 16_ E - PPME_
SYSCALL_ EXECVE_ 16_ X - PPME_
SYSCALL_ EXECVE_ 17_ E - PPME_
SYSCALL_ EXECVE_ 17_ X - PPME_
SYSCALL_ EXECVE_ 18_ E - PPME_
SYSCALL_ EXECVE_ 18_ X - PPME_
SYSCALL_ EXECVE_ 19_ E - PPME_
SYSCALL_ EXECVE_ 19_ X - PPME_
SYSCALL_ FCHDIR_ E - PPME_
SYSCALL_ FCHDIR_ X - PPME_
SYSCALL_ FCHMODAT_ E - PPME_
SYSCALL_ FCHMODAT_ X - PPME_
SYSCALL_ FCHMOD_ E - PPME_
SYSCALL_ FCHMOD_ X - PPME_
SYSCALL_ FCHOWNAT_ E - PPME_
SYSCALL_ FCHOWNAT_ X - PPME_
SYSCALL_ FCHOWN_ E - PPME_
SYSCALL_ FCHOWN_ X - PPME_
SYSCALL_ FCNTL_ E - PPME_
SYSCALL_ FCNTL_ X - PPME_
SYSCALL_ FINIT_ MODULE_ E - PPME_
SYSCALL_ FINIT_ MODULE_ X - PPME_
SYSCALL_ FLOCK_ E - PPME_
SYSCALL_ FLOCK_ X - PPME_
SYSCALL_ FORK_ 17_ E - PPME_
SYSCALL_ FORK_ 17_ X - PPME_
SYSCALL_ FORK_ 20_ E - PPME_
SYSCALL_ FORK_ 20_ X - PPME_
SYSCALL_ FORK_ E - PPME_
SYSCALL_ FORK_ X - PPME_
SYSCALL_ FSCONFIG_ E - PPME_
SYSCALL_ FSCONFIG_ X - PPME_
SYSCALL_ FSTA T64_ E - PPME_
SYSCALL_ FSTA T64_ X - PPME_
SYSCALL_ FSTAT_ E - PPME_
SYSCALL_ FSTAT_ X - PPME_
SYSCALL_ FUTEX_ E - PPME_
SYSCALL_ FUTEX_ X - PPME_
SYSCALL_ GETCWD_ E - PPME_
SYSCALL_ GETCWD_ X - PPME_
SYSCALL_ GETDENT S64_ E - PPME_
SYSCALL_ GETDENT S64_ X - PPME_
SYSCALL_ GETDENTS_ E - PPME_
SYSCALL_ GETDENTS_ X - PPME_
SYSCALL_ GETEGID_ E - PPME_
SYSCALL_ GETEGID_ X - PPME_
SYSCALL_ GETEUID_ E - PPME_
SYSCALL_ GETEUID_ X - PPME_
SYSCALL_ GETGID_ E - PPME_
SYSCALL_ GETGID_ X - PPME_
SYSCALL_ GETRESGID_ E - PPME_
SYSCALL_ GETRESGID_ X - PPME_
SYSCALL_ GETRESUID_ E - PPME_
SYSCALL_ GETRESUID_ X - PPME_
SYSCALL_ GETRLIMIT_ E - PPME_
SYSCALL_ GETRLIMIT_ X - PPME_
SYSCALL_ GETUID_ E - PPME_
SYSCALL_ GETUID_ X - PPME_
SYSCALL_ INIT_ MODULE_ E - PPME_
SYSCALL_ INIT_ MODULE_ X - PPME_
SYSCALL_ INOTIFY_ INIT1_ E - PPME_
SYSCALL_ INOTIFY_ INIT1_ X - PPME_
SYSCALL_ INOTIFY_ INIT_ E - PPME_
SYSCALL_ INOTIFY_ INIT_ X - PPME_
SYSCALL_ IOCTL_ 2_ E - PPME_
SYSCALL_ IOCTL_ 2_ X - PPME_
SYSCALL_ IOCTL_ 3_ E - PPME_
SYSCALL_ IOCTL_ 3_ X - PPME_
SYSCALL_ IO_ URING_ ENTER_ E - PPME_
SYSCALL_ IO_ URING_ ENTER_ X - PPME_
SYSCALL_ IO_ URING_ REGISTER_ E - PPME_
SYSCALL_ IO_ URING_ REGISTER_ X - PPME_
SYSCALL_ IO_ URING_ SETUP_ E - PPME_
SYSCALL_ IO_ URING_ SETUP_ X - PPME_
SYSCALL_ KILL_ E - PPME_
SYSCALL_ KILL_ X - PPME_
SYSCALL_ LCHOWN_ E - PPME_
SYSCALL_ LCHOWN_ X - PPME_
SYSCALL_ LINKAT_ 2_ E - PPME_
SYSCALL_ LINKAT_ 2_ X - PPME_
SYSCALL_ LINKAT_ E - PPME_
SYSCALL_ LINKAT_ X - PPME_
SYSCALL_ LINK_ 2_ E - PPME_
SYSCALL_ LINK_ 2_ X - PPME_
SYSCALL_ LINK_ E - PPME_
SYSCALL_ LINK_ X - PPME_
SYSCALL_ LLSEEK_ E - PPME_
SYSCALL_ LLSEEK_ X - PPME_
SYSCALL_ LSEEK_ E - PPME_
SYSCALL_ LSEEK_ X - PPME_
SYSCALL_ LSTA T64_ E - PPME_
SYSCALL_ LSTA T64_ X - PPME_
SYSCALL_ LSTAT_ E - PPME_
SYSCALL_ LSTAT_ X - PPME_
SYSCALL_ MEMFD_ CREATE_ E - PPME_
SYSCALL_ MEMFD_ CREATE_ X - PPME_
SYSCALL_ MKDIRAT_ E - PPME_
SYSCALL_ MKDIRAT_ X - PPME_
SYSCALL_ MKDIR_ 2_ E - PPME_
SYSCALL_ MKDIR_ 2_ X - PPME_
SYSCALL_ MKDIR_ E - PPME_
SYSCALL_ MKDIR_ X - PPME_
SYSCALL_ MKNODAT_ E - PPME_
SYSCALL_ MKNODAT_ X - PPME_
SYSCALL_ MKNOD_ E - PPME_
SYSCALL_ MKNOD_ X - PPME_
SYSCALL_ MLOC K2_ E - PPME_
SYSCALL_ MLOC K2_ X - PPME_
SYSCALL_ MLOCKALL_ E - PPME_
SYSCALL_ MLOCKALL_ X - PPME_
SYSCALL_ MLOCK_ E - PPME_
SYSCALL_ MLOCK_ X - PPME_
SYSCALL_ MMAP2_ E - PPME_
SYSCALL_ MMAP2_ X - PPME_
SYSCALL_ MMAP_ E - PPME_
SYSCALL_ MMAP_ X - PPME_
SYSCALL_ MOUNT_ E - PPME_
SYSCALL_ MOUNT_ X - PPME_
SYSCALL_ MPROTECT_ E - PPME_
SYSCALL_ MPROTECT_ X - PPME_
SYSCALL_ MUNLOCKALL_ E - PPME_
SYSCALL_ MUNLOCKALL_ X - PPME_
SYSCALL_ MUNLOCK_ E - PPME_
SYSCALL_ MUNLOCK_ X - PPME_
SYSCALL_ MUNMAP_ E - PPME_
SYSCALL_ MUNMAP_ X - PPME_
SYSCALL_ NANOSLEEP_ E - PPME_
SYSCALL_ NANOSLEEP_ X - PPME_
SYSCALL_ NEWFSTATAT_ E - PPME_
SYSCALL_ NEWFSTATAT_ X - PPME_
SYSCALL_ NEWSELECT_ E - PPME_
SYSCALL_ NEWSELECT_ X - PPME_
SYSCALL_ OPENA T2_ E - PPME_
SYSCALL_ OPENA T2_ X - PPME_
SYSCALL_ OPENAT_ 2_ E - PPME_
SYSCALL_ OPENAT_ 2_ X - PPME_
SYSCALL_ OPENAT_ E - PPME_
SYSCALL_ OPENAT_ X - PPME_
SYSCALL_ OPEN_ BY_ HANDLE_ AT_ E - PPME_
SYSCALL_ OPEN_ BY_ HANDLE_ AT_ X - PPME_
SYSCALL_ OPEN_ E - PPME_
SYSCALL_ OPEN_ X - PPME_
SYSCALL_ PIDFD_ GETFD_ E - PPME_
SYSCALL_ PIDFD_ GETFD_ X - PPME_
SYSCALL_ PIDFD_ OPEN_ E - PPME_
SYSCALL_ PIDFD_ OPEN_ X - PPME_
SYSCALL_ PIPE2_ E - PPME_
SYSCALL_ PIPE2_ X - PPME_
SYSCALL_ PIPE_ E - PPME_
SYSCALL_ PIPE_ X - PPME_
SYSCALL_ POLL_ E - PPME_
SYSCALL_ POLL_ X - PPME_
SYSCALL_ PPOLL_ E - PPME_
SYSCALL_ PPOLL_ X - PPME_
SYSCALL_ PRCTL_ E - PPME_
SYSCALL_ PRCTL_ X - PPME_
SYSCALL_ PREADV_ E - PPME_
SYSCALL_ PREADV_ X - PPME_
SYSCALL_ PREAD_ E - PPME_
SYSCALL_ PREAD_ X - PPME_
SYSCALL_ PRLIMIT_ E - PPME_
SYSCALL_ PRLIMIT_ X - PPME_
SYSCALL_ PROCESS_ VM_ READV_ E - PPME_
SYSCALL_ PROCESS_ VM_ READV_ X - PPME_
SYSCALL_ PROCESS_ VM_ WRITEV_ E - PPME_
SYSCALL_ PROCESS_ VM_ WRITEV_ X - PPME_
SYSCALL_ PTRACE_ E - PPME_
SYSCALL_ PTRACE_ X - PPME_
SYSCALL_ PWRITEV_ E - PPME_
SYSCALL_ PWRITEV_ X - PPME_
SYSCALL_ PWRITE_ E - PPME_
SYSCALL_ PWRITE_ X - PPME_
SYSCALL_ QUOTACTL_ E - PPME_
SYSCALL_ QUOTACTL_ X - PPME_
SYSCALL_ READV_ E - PPME_
SYSCALL_ READV_ X - PPME_
SYSCALL_ READ_ E - PPME_
SYSCALL_ READ_ X - PPME_
SYSCALL_ RENAMEA T2_ E - PPME_
SYSCALL_ RENAMEA T2_ X - PPME_
SYSCALL_ RENAMEAT_ E - PPME_
SYSCALL_ RENAMEAT_ X - PPME_
SYSCALL_ RENAME_ E - PPME_
SYSCALL_ RENAME_ X - PPME_
SYSCALL_ RMDIR_ 2_ E - PPME_
SYSCALL_ RMDIR_ 2_ X - PPME_
SYSCALL_ RMDIR_ E - PPME_
SYSCALL_ RMDIR_ X - PPME_
SYSCALL_ SECCOMP_ E - PPME_
SYSCALL_ SECCOMP_ X - PPME_
SYSCALL_ SELECT_ E - PPME_
SYSCALL_ SELECT_ X - PPME_
SYSCALL_ SEMCTL_ E - PPME_
SYSCALL_ SEMCTL_ X - PPME_
SYSCALL_ SEMGET_ E - PPME_
SYSCALL_ SEMGET_ X - PPME_
SYSCALL_ SEMOP_ E - PPME_
SYSCALL_ SEMOP_ X - PPME_
SYSCALL_ SENDFILE_ E - PPME_
SYSCALL_ SENDFILE_ X - PPME_
SYSCALL_ SETGID_ E - PPME_
SYSCALL_ SETGID_ X - PPME_
SYSCALL_ SETNS_ E - PPME_
SYSCALL_ SETNS_ X - PPME_
SYSCALL_ SETPGID_ E - PPME_
SYSCALL_ SETPGID_ X - PPME_
SYSCALL_ SETREGID_ E - PPME_
SYSCALL_ SETREGID_ X - PPME_
SYSCALL_ SETRESGID_ E - PPME_
SYSCALL_ SETRESGID_ X - PPME_
SYSCALL_ SETRESUID_ E - PPME_
SYSCALL_ SETRESUID_ X - PPME_
SYSCALL_ SETREUID_ E - PPME_
SYSCALL_ SETREUID_ X - PPME_
SYSCALL_ SETRLIMIT_ E - PPME_
SYSCALL_ SETRLIMIT_ X - PPME_
SYSCALL_ SETSID_ E - PPME_
SYSCALL_ SETSID_ X - PPME_
SYSCALL_ SETUID_ E - PPME_
SYSCALL_ SETUID_ X - PPME_
SYSCALL_ SIGNALF D4_ E - PPME_
SYSCALL_ SIGNALF D4_ X - PPME_
SYSCALL_ SIGNALFD_ E - PPME_
SYSCALL_ SIGNALFD_ X - PPME_
SYSCALL_ SPLICE_ E - PPME_
SYSCALL_ SPLICE_ X - PPME_
SYSCALL_ STAT64_ E - PPME_
SYSCALL_ STAT64_ X - PPME_
SYSCALL_ STAT_ E - PPME_
SYSCALL_ STAT_ X - PPME_
SYSCALL_ SYMLINKAT_ E - PPME_
SYSCALL_ SYMLINKAT_ X - PPME_
SYSCALL_ SYMLINK_ E - PPME_
SYSCALL_ SYMLINK_ X - PPME_
SYSCALL_ TGKILL_ E - PPME_
SYSCALL_ TGKILL_ X - PPME_
SYSCALL_ TIMERFD_ CREATE_ E - PPME_
SYSCALL_ TIMERFD_ CREATE_ X - PPME_
SYSCALL_ TKILL_ E - PPME_
SYSCALL_ TKILL_ X - PPME_
SYSCALL_ UMOUN T2_ E - PPME_
SYSCALL_ UMOUN T2_ X - PPME_
SYSCALL_ UMOUNT_ 1_ E - PPME_
SYSCALL_ UMOUNT_ 1_ X - PPME_
SYSCALL_ UMOUNT_ E - PPME_
SYSCALL_ UMOUNT_ X - PPME_
SYSCALL_ UNLINKAT_ 2_ E - PPME_
SYSCALL_ UNLINKAT_ 2_ X - PPME_
SYSCALL_ UNLINKAT_ E - PPME_
SYSCALL_ UNLINKAT_ X - PPME_
SYSCALL_ UNLINK_ 2_ E - PPME_
SYSCALL_ UNLINK_ 2_ X - PPME_
SYSCALL_ UNLINK_ E - PPME_
SYSCALL_ UNLINK_ X - PPME_
SYSCALL_ UNSHARE_ E - PPME_
SYSCALL_ UNSHARE_ X - PPME_
SYSCALL_ USERFAULTFD_ E - PPME_
SYSCALL_ USERFAULTFD_ X - PPME_
SYSCALL_ VFORK_ 17_ E - PPME_
SYSCALL_ VFORK_ 17_ X - PPME_
SYSCALL_ VFORK_ 20_ E - PPME_
SYSCALL_ VFORK_ 20_ X - PPME_
SYSCALL_ VFORK_ E - PPME_
SYSCALL_ VFORK_ X - PPME_
SYSCALL_ WRITEV_ E - PPME_
SYSCALL_ WRITEV_ X - PPME_
SYSCALL_ WRITE_ E - PPME_
SYSCALL_ WRITE_ X - PPME_
TRACER_ E - PPME_
TRACER_ X - PPME_
USER_ ADDED_ E - PPME_
USER_ ADDED_ X - PPME_
USER_ DELETED_ E - PPME_
USER_ DELETED_ X