Two tools are pre-installed on the cluster's worker node:
Using the tool of your choice (including any non pre-installed tool), analyze the container's behavior for at least 30 seconds, using filters that detect newly spawning and executing processes.
Store an incident file at /opt/KSRS00101/alerts/details, containing the detected incidents, one per line, in the following format:
The following example shows a properly formatted incident file:
Gail
5 months agoAmmie
3 months agoLenora
3 months agoIraida
3 months agoTayna
3 months agoCasie
5 months agoYoulanda
5 months agoMalinda
4 months agoLajuana
4 months agoBeth
4 months agoTracey
5 months agoPortia
4 months agoPamella
4 months agoGlen
4 months agoIrene
4 months agoCelestine
5 months agoMarsha
6 months agoKarma
5 months agoBilly
5 months agoTamar
5 months agoTamie
6 months agoCelestine
6 months agoTamie
6 months ago