Falco Plugins
The Falco libraries and Falco itself can be extended by using Plugins. Plugins are shared libraries that conform to a documented API and allow for:
- Adding new event sources that can be evaluated using filtering expressions/Falco rules.
- Adding the ability to define new fields that can extract information from events.
This section describes how plugins fit into the existing event processing pipeline and how to enable/configure plugins in Falco.
Plugins Architecture Concepts
Learn the basic concepts of the Plugin Architecture
How Falco Uses Plugins
Plugins for Falco libraries/Falco daemon
Where's the Code
Find out about the included plugins in Falco and the Plugins SDK
Falco Plugins Developers Guide
Start writing your own Falco plugins
Falco Plugins Go SDK Walkthrough
High-level documentation of the Go SDK
Registered Plugins
List of officially registered plugins
Falco Plugins API Reference
Learn how the Plugins API works
Was this page helpful?
Let us know! You feedback will help us to improve the content and to stay in touch with our users.
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.