New `add_lxc_metadata` processor for adding LXC container ID

Hello! I want to audit system events which happen inside LXC containers. Is it able to do with Auditbeat?

I started development of a new add_lxc_metadata processor which would add field to the event data just like add_docker_metadata do.

I already have a working and tested minimal working solution and opened a PR for that:

I appreciate any comments, hints and suggestions!

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.