docs: document tetragon daemon --tracing-policy and --tracing-policy-dir

This documents how the daemon acts on both --tracing-policy and --tracing-policy-dir settings. Signed-off-by: Djalal Harouni <[email protected]>
cilium · Jul 31, 2023 · 9a8371e · 9a8371e
1 parent 155d2e4
commit 9a8371e
Showing 1 changed file with 8 additions and 0 deletions.
diff --git a/docs/content/en/docs/reference/tetragon-configuration.md b/docs/content/en/docs/reference/tetragon-configuration.md
@@ -187,3 +187,11 @@ it will try to detect if Tetragon daemon is running on the same host and use its
 {{< caution >}}
 Ensure that you have enough privileges to open the gRPC unix socket since it is restricted to privileged users only.
 {{< /caution >}}
+
+## Configure Tracing Policies location
+
+Tetragon daemon automatically loads [Tracing policies](/docs/concepts/tracing-policy) from the default `/etc/tetragon/tetragon.tp.d/` directory. Tracing policies can be organized in directories such: `/etc/tetragon/tetragon.tp.d/file-access`, `/etc/tetragon/tetragon.tp.d/network-access`, etc.
+
+The `--tracing-policy-dir` controlling setting can be used to change the default directory from where [Tracing policies](/docs/concepts/tracing-policy) are loaded.
+
+The `--tracing-policy` controlling setting can be used to specify the path of one tracing policy to load.