content/en/docs/reference/rules/examples/index.md
Here are some examples of the types of behavior falco can detect.
For a more comprehensive set of examples, see the full rules file at falco_rules.yaml.
{{< markdown_inline format = "raw" contentPath = "/docs/reference/rules/examples/run_shell_in_container.md"
}}
{{< markdown_inline format = "raw" contentPath = "/docs/reference/rules/examples/elasticsearch_unexpected_network_outbound.md"
}}
{{< markdown_inline format = "raw" contentPath = "/docs/reference/rules/examples/write_binary_dir.md"
}}
{{< markdown_inline format = "raw" contentPath = "/docs/reference/rules/examples/change_thread_namespace.md"
}}
{{< markdown_inline format = "raw" contentPath = "/docs/reference/rules/examples/create_files_below_dev.md"
}}
{{< markdown_inline format = "raw" contentPath = "/docs/reference/rules/examples/access_camera.md"
}}