Supported Operating Systems & Kernels



Kernel and glibc Versions

Check your kernel version before running our agent or installing the auditd package.

Minimum Linux kernel version 2.6.36 or greater
GNU C Library 2.7 or greater

Linux Kernel Conflicts

If your Threat Stack agent is greater than v1.4.0, it will detect the following incompatible kernel versions and abort the agent startup:

Linux kernel conflicts

Operating Systems

The Threat Stack Agent supports the following systems:


At this time, Threat Stack only support 64-bit operating systems (x86_64 or amd64). We do not support ARM, x86_32 or other 32-bit process architectures.

Platform Version Minimum GNU C Library version Minimum kernel version Notes


2.17 3.2.21  
CentOS/RHEL  6 2.12 v2.6.36 FAnotify is not available on this platform so CentOS 6 does not support user information for FIM results. More details here.
CentOS/RHEL  7 2.17 3.10  


2.23 4.10.1 Requires manual installation. GNU C Library version 2.23 shipped with 1339.0.0 (alpha).
Debian 7 Debian EGLIBC 2.13-38+deb7u01 3.2  
Fedora 25 2.24 4.10.x  
Ubuntu 14.04 Ubuntu EGLIBC 2.15-Ubuntu10.18 (~2.19) 3.13  
Ubuntu 16.04 Ubuntu GLIBC 2.23-0ubuntu9 3.13  


Threat Stack offers support for behavior and event monitoring on Docker containers running natively on the host. We support the following container:


Requires the latest Threat Stack Agent version and Linux kernel version >= 3.10.

We do not support orchestration tools, such as Kubernetes or Rancher.

Platform Version Minimum GNU libc version Minimum kernel version Notes
Docker 1.8.0 - 17.03.2-ce   Debian (Ubuntu) 3.10+ Requires the latest Threat Stack Agent version.
Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request



Article is closed for comments.