Sysdig Technical Deep Dive: From Wireshark to Sysdig

Workshop Source code:

Getting started

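## warning: host level directives. deploy with docker-compose up -d
##
## Every service below runs privileged with host paths and the Docker socket
## mounted, so a compromise of either container is a compromise of the host.
## Intended for a disposable workshop/lab machine, not a shared or production
## host.
version: '3.7'

# Shared settings merged into each service through the `<<: *common` merge key.
x-flags: &common
  environment:
    TZ: Etc/UTC
    # Compose interpolates ${VAR} / ${VAR:-default}; the shell-style $(VAR)
    # form is not a valid Compose substitution.
    # NOTE(review): many shells set HOSTNAME without exporting it, in which
    # case this resolves to an empty string - export it or set it in .env.
    HOSTNAME: "${HOSTNAME}"
    # Falls back to "local" when DOMAIN is unset or empty.
    DOMAIN: "${DOMAIN:-local}"
  tty: true
  stdin_open: true
  # Grants all capabilities and device access and disables the default
  # seccomp/AppArmor confinement; used here so the capture driver can be
  # loaded from inside the container.
  privileged: true
  volumes:
    # Read-write access to the Docker API socket is root-equivalent on the
    # host: anything that can reach it can start arbitrary containers.
    - /var/run/docker.sock:/host/var/run/docker.sock
    # Host devices, mounted read-write.
    - /dev:/host/dev
    # The remaining host paths are mounted read-only.
    - /proc:/host/proc:ro
    - /boot:/host/boot:ro
    - /lib/modules:/host/lib/modules:ro
    - /usr:/host/usr:ro

services:
  falco:
    # NOTE(review): ':latest' is a mutable tag; pin a release tag or digest
    # (falcosecurity/falco:<VERSION>@sha256:<DIGEST>) so the workshop is
    # reproducible and an upstream push cannot silently change what runs
    # privileged on the host.
    image: falcosecurity/falco:latest
    <<: *common

  sysdig:
    # NOTE(review): same pinning advice as above
    # (sysdig/sysdig:<VERSION>@sha256:<DIGEST>).
    image: sysdig/sysdig:latest
    <<: *common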