You are viewing documentation for Falco version: v0.33.1

Falco v0.33.1 documentation is no longer actively maintained. The version you are currently viewing is a static snapshot. For up-to-date documentation, see the latest version.

Falco Alerts

Last modified December 15, 2022
Integrate Falco and send Falco Alerts in your desired platform

Falco can send alerts to one or more channels:

  • Standard Output
  • A file
  • Syslog
  • A spawned program
  • A HTTP/HTTPS endpoint
  • A client via the gRPC API

The channels are configured via the falco configuration file falco.yaml. See the Falco Configuration page for more details.

Find further information about how to configure each of those channels under Alert Channels.

Alert Channels

Supported channels for Falco Alerts

Formatting Alerts

Format Falco Alerts for Containers and Kubernetes

Last modified December 15, 2022: move Falco alerts section up (9e7aa31)