Documentation for the TracingPolicy custom resource| Tetragon - eBPF-based Security Observability and Runtime Enforcement
Applying Kubernetes Identity Aware Policies requires information about Kubernetes (K8s) pods (e.g., namespaces and labels). Based on this information, the Tetragon agent can update the state so that Kubernetes Identify filtering can be applied in-kernel via BPF. One way that this information is available to the Tetragon agent is via the K8s API server. Relying on the API server, however, can lead to a delay before the container starts and the policy is applied.| Concepts on Tetragon - eBPF-based Security Observability and Runtime Enforcement
Monitor and throttle cgroup events rate| Tetragon - eBPF-based Security Observability and Runtime Enforcement
Documentation for Tetragon Events| Tetragon - eBPF-based Security Observability and Runtime Enforcement
Tetragon in-kernel filtering based on Kubernetes namespaces, pod labels, and container fields| Tetragon - eBPF-based Security Observability and Runtime Enforcement