Hello,
I wonder, if there's possibility for elastic-agent to distinguish between actions in docker/containers/k8s and actions occuring directly on host.
The issue is there are bunch of FP alerts, which are related to containers and are confusing and add additional toil for analysts