feature(k8s): add default events to k8s policies

deploy/helm/tracee/templates/tracee-policies.yaml

@@ -6,6 +6,52 @@ metadata:
   labels:
     {{- include "tracee.labels" . | nindent 4 }}
 data:
+  default_events.yaml: |-
+    name: default_events
+    description: tracee default events
+    scope:
+      - global
+    rules:
+      - event: creat
+      - event: chmod
+      - event: fchmod
+      - event: chown
+      - event: fchown
+      - event: lchown
+      - event: ptrace
+      - event: setuid
+      - event: setgid
+      - event: setpgid
+      - event: setsid
+      - event: setreuid
+      - event: setregid
+      - event: setresuid
+      - event: setresgid
+      - event: setfsuid
+      - event: setfsgid
+      - event: init_module
+      - event: fchownat
+      - event: fchmodat
+      - event: setns
+      - event: process_vm_readv
+      - event: process_vm_writev
+      - event: finit_module
+      - event: memfd_create
+      - event: move_mount
+      - event: sched_process_exec
+      - event: security_inode_unlink
+      - event: security_socket_connect
+      - event: security_socket_accept
+      - event: security_socket_bind
+      - event: security_sb_mount
+      - event: container_create
+      - event: container_remove
+      - event: net_packet_icmp
+      - event: net_packet_icmpv6
+      - event: net_packet_dns_request
+      - event: net_packet_dns_response
+      - event: net_packet_http_request
+      - event: net_packet_http_response
   signatures.yaml: |-
     name: signature_events
     description: traces all signature events

deploy/kubernetes/tracee/tracee.yaml

@@ -8,9 +8,55 @@ metadata:
     app.kubernetes.io/part-of: tracee
   name: tracee-policies
 data:
+  default_events.yaml: |-
+    name: default_events
+    description: tracee default events
+    scope:
+      - global
+    rules:
+      - event: creat
+      - event: chmod
+      - event: fchmod
+      - event: chown
+      - event: fchown
+      - event: lchown
+      - event: ptrace
+      - event: setuid
+      - event: setgid
+      - event: setpgid
+      - event: setsid
+      - event: setreuid
+      - event: setregid
+      - event: setresuid
+      - event: setresgid
+      - event: setfsuid
+      - event: setfsgid
+      - event: init_module
+      - event: fchownat
+      - event: fchmodat
+      - event: setns
+      - event: process_vm_readv
+      - event: process_vm_writev
+      - event: finit_module
+      - event: memfd_create
+      - event: move_mount
+      - event: sched_process_exec
+      - event: security_inode_unlink
+      - event: security_socket_connect
+      - event: security_socket_accept
+      - event: security_socket_bind
+      - event: security_sb_mount
+      - event: container_create
+      - event: container_remove
+      - event: net_packet_icmp
+      - event: net_packet_icmpv6
+      - event: net_packet_dns_request
+      - event: net_packet_dns_response
+      - event: net_packet_http_request
+      - event: net_packet_http_response
   signatures.yaml: |-
     name: signature_events
-    description: traces all signature events
+    description: tracee default signature events
     scope:
       - global
     rules: