Carbon Black Event Collection

This repository contains several of the tools used for event collection across the Carbon Black Cloud Linux agent.

kernel_event_collector_module: Kernel-based collection module for use on RHEL 6/7/8 distributions
bpf_probe: eBPF-based collector for Linux 4.4+ kernels that support BPF
app_control_event_kernel_module: Access controls via userspace and event collection

Contributing

The kernel-event-collector-module project team welcomes contributions from the community. Before you start working with kernel-event-collector-module, please read our Developer Certificate of Origin. All contributions to this repository must be signed as described on that page. Your signature certifies that you wrote the patch or have the right to pass it on as an open-source patch. For more detailed information, refer to CONTRIBUTING.md.

License

See LICENSE.txt

Name		Name	Last commit message	Last commit date
Latest commit History 813 Commits
app_control_event_kernel_module		app_control_event_kernel_module
bpf_probe		bpf_probe
kernel_event_collector_module		kernel_event_collector_module
.gitignore		.gitignore
.gitlab-ci.yml		.gitlab-ci.yml
CODE_OF_CONDUCT.md		CODE_OF_CONDUCT.md
CONTRIBUTING.md		CONTRIBUTING.md
LICENSE.txt		LICENSE.txt
NOTICE.txt		NOTICE.txt
README.md		README.md
peru.yaml		peru.yaml
project.yml		project.yml

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Carbon Black Event Collection

Contributing

License

About

Releases

Packages

Contributors 7

Languages

License

vmware/kernel-event-collector-module

Folders and files

Latest commit

History

Repository files navigation

Carbon Black Event Collection

Contributing

License

About

Resources

License

Code of conduct

Security policy

Stars

Watchers

Forks

Releases

Packages 0

Contributors 7

Languages

Packages