Write a TracingPolicy with a kprobe or tracepoint targeting the function or syscall you want to restrict
Add an 'action' entry in the selector with 'action: Sigkill' to instruct Tetragon to send SIGKILL to the matching process
Apply the policy in a test namespace first and validate with a non-critical process before applying cluster-wide
Run 'tetra getevents' and confirm that process_kprobe events for the matched process include an action field indicating the kill was sent
Verify that the target process is terminated and does not continue execution after matching the policy condition
Monitor Tetragon pod logs for any errors indicating the action could not be applied due to missing capabilities
Known gotchas
Sigkill enforcement requires Tetragon to be deployed with the appropriate Linux capabilities and the enforce flag enabled at the Tetragon deployment level; observe-only mode will log but not act
Actions fire at the kprobe entry or return point; killing at the wrong point may allow partial execution to complete — consider whether entry-point or return-point kprobe placement is appropriate for your use case
Testing enforcement policies in production is risky; always validate in a staging environment first and use namespace-scoped TracingPolicies with matchNamespaces selectors to limit blast radius
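An added example (not from the original page or the Tetragon project) for the validation steps above and the observe-only gotcha: it reads 'tetra getevents -o json' lines and reports, per matched process, whether a kill action was recorded and whether the process then exited on SIGKILL. The event field names (policy_name, action, exec_id, signal), the action value KPROBE_ACTION_POST for a match without a kill, and the policy name kill-test are assumptions, and the sample events are constructed; check them against the JSON your Tetragon version emits.

```python
import json

# Constructed sample of `tetra getevents -o json` output, one JSON object per line.
# Field names and action values are assumptions; confirm them on your Tetragon version.
SAMPLE_EVENTS = """\
{"process_kprobe":{"process":{"exec_id":"a1","binary":"/usr/bin/cat"},"function_name":"fd_install","action":"KPROBE_ACTION_SIGKILL","policy_name":"kill-test"}}
{"process_exit":{"process":{"exec_id":"a1","binary":"/usr/bin/cat"},"signal":"SIGKILL"}}
{"process_kprobe":{"process":{"exec_id":"b2","binary":"/usr/bin/vi"},"function_name":"fd_install","action":"KPROBE_ACTION_POST","policy_name":"kill-test"}}
{"process_kprobe":{"process":{"exec_id":"c3","binary":"/usr/bin/tail"},"function_name":"fd_install","action":"KPROBE_ACTION_SIGKILL","policy_name":"kill-test"}}
{"process_exit":{"process":{"exec_id":"c3","binary":"/usr/bin/tail"},"status":0}}
not-json log noise
"""

def audit_enforcement(lines, policy_name):
    """Classify each process that matched policy_name by what happened to it."""
    matched = {}  # exec_id -> {"binary", "kill_sent"}
    exits = {}    # exec_id -> signal name, or None for a normal exit
    for line in lines:
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip non-JSON noise mixed into the stream
        if not isinstance(event, dict):
            continue
        kp, ex = event.get("process_kprobe"), event.get("process_exit")
        if kp and kp.get("policy_name") == policy_name:
            proc = kp.get("process", {})
            entry = matched.setdefault(
                proc.get("exec_id"), {"binary": proc.get("binary"), "kill_sent": False})
            entry["kill_sent"] |= kp.get("action") == "KPROBE_ACTION_SIGKILL"
        elif ex:
            exits[ex.get("process", {}).get("exec_id")] = ex.get("signal")
    report = {}
    for exec_id, info in matched.items():
        if not info["kill_sent"]:
            verdict = "observed_only"           # matched, but no kill action recorded
        elif exec_id not in exits:
            verdict = "kill_sent_no_exit_seen"  # still running, or exit event missing
        elif exits[exec_id] == "SIGKILL":
            verdict = "killed"
        else:
            verdict = "exited_without_sigkill"  # process ended some other way
        report[exec_id] = (info["binary"], verdict)
    return report

if __name__ == "__main__":
    for eid, (binary, verdict) in audit_enforcement(SAMPLE_EVENTS.splitlines(), "kill-test").items():
        print(f"{eid} {binary}: {verdict}")
```

A verdict of observed_only on every matched process is the signature of the first gotcha: the policy matches but enforcement is not taking effect.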