- What and who is Sysdig?
- How do we do that?
- Sysdig Overview and Value proposition
- Sysdig Monitoring, Security & Forensics
- Sysdig Subscription Models and Services
https://drive.google.com/drive/folders/1cpsfhZ7h0wyCN4Pb1eat18jSq8XaFUID
Sysdig Monitoring
-
Agent overview
- Unified daemon set
- Low resource footprint: about 2% of total CPU/Mem
-
Deployment overview
- SaaS
- On-Prem
- Default grouping
- Custom grouping
- Basic Metrics table view: CPU/MEM/FS/NETWORK
- Default understanding of orchestration layer
-
HOST & CONTAINER EXPLORE mycustom
- Memory
- Sysdig
-
KUBERNETES (explore - services/mycustom)
-
NETWORK (explore - mycustom)
-
SERVICES (explore - services)
- CAST SOME VOTE ON VOTEAPP
- GOLDEN RULE (CHANGE TO SERVICES IN EXPLORE)
-
TOPOLOGY (explore - services)
- CPU
- Network
- Response
-
APPLICATIONS (explore - mycustom)
- ALL
-
COMPLIANCE
- Docker
- K8
-
METRICS
- App checks
- Kubernetes
- Host (JMX/StatsD)
- System
- StatsD
- Custom Dashboards
- DDOSATTACK
- Alert creation
- Alert Types
- Down
- metrics
- Events
- Anomaly
- Alert Types
- DDOSATTACK Event
- Event Scoping
- Event Severity (High, Medium, Low, Info)
- Event Types & filter (Alert, Container, Kubernetes)
- Event Status (Triggered, Resolved, Acknowledge, Unack)
- Sysdig Inspect
- Users
- Teams and Roles
- Notification Channels
- Authentication
Evaluated against multiple vulnerability databases
- CentOS, Debian, Ruby, Red Hat, Ubuntu, Python, CVE, NIST, NPM, Alpine, NVD
https://sysdig.atlassian.net/wiki/spaces/PROD/pages/864813638/Security+at+Sysdig
Agent installation Kubernetes:
Kernel headers: apt-get -y install linux-headers-$(uname -r)