# Prometheus Kubescape Integration 1. Deploy kubescape ```bash kubectl apply -f ks-deployment.yaml ``` > **NOTE** Make sure the configurations suit your cluster (e.g. `serviceType`, etc.) 2. Deploy kube-prometheus-stack ```bash helm repo add prometheus-community https://prometheus-community.github.io/helm-charts helm repo update kubectl create namespace prometheus helm install -n prometheus kube-prometheus-stack prometheus-community/kube-prometheus-stack --set prometheus.prometheusSpec.podMonitorSelectorNilUsesHelmValues=false,prometheus.prometheusSpec.serviceMonitorSelectorNilUsesHelmValues=false ``` 3. Deploy pod monitor ```bash kubectl apply -f podmonitor.yaml ``` ## Metrics All kubescape related metrics begin with `kubescape` > `riskScore` is the output of an algorithm calculating the risk of the vulinrability. `0` indicates there is no risk and `100` indicates highest risk. #### Cluster scope metrics ##### Overall risk score ``` # Overall riskScore of the scan kubescape_cluster_riskScore{} ``` ###### Overall resources counters ``` # Number of resources that failed kubescape_cluster_count_resources_failed{} # Number of resources that where excluded kubescape_cluster_count_resources_excluded{} # Number of resources that passed kubescape_cluster_count_resources_passed{} ``` ###### Overall controls counters ``` # Number of controls that failed kubescape_cluster_count_controls_failed{} # Number of controls that where excluded kubescape_cluster_count_controls_excluded{} # Number of controls that passed kubescape_cluster_count_controls_passed{} ``` #### Frameworks metrics ##### Frameworks risk score ``` kubescape_framework_riskScore{name=""} ``` ###### Frameworks resources counters ``` # Number of resources that failed kubescape_framework_count_resources_failed{} # Number of resources that where excluded kubescape_framework_count_resources_excluded{} # Number of resources that passed kubescape_framework_count_resources_passed{} ``` ###### Frameworks controls counters ``` # Number of controls that failed kubescape_framework_count_controls_failed{name=""} # Number of controls that where excluded kubescape_framework_count_controls_excluded{name=""} # Number of controls that passed kubescape_framework_count_controls_passed{name=""} ``` #### Controls metrics ##### Controls risk score ``` kubescape_control_riskScore{name="",url="",severity=""} ``` ###### Controls resources counters ``` # Number of resources that failed kubescape_control_count_resources_failed{name="",url="",severity=""} # Number of resources that where excluded kubescape_control_count_resources_excluded{name="",url="",severity=""} # Number of resources that passed kubescape_control_count_resources_passed{name="",url="",severity=""} ```