github/kubescape
1
0
Fork 0
mirror of https://github.com/kubescape/kubescape.git synced 2026-03-30 07:20:58 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
v2.0.340
kubescape/httphandler/examples/prometheus
History
David Wertenteil 826106090b update URL
2022-07-10 14:01:02 +03:00
..
grafana-kubescape-dashboard.json
adding grafana dashboard
2022-05-31 15:58:59 +03:00
ks-deployment.yaml
update URL
2022-07-10 14:01:02 +03:00
podmonitor.yaml
remove v1 format
2022-04-10 16:26:59 +03:00
README.md
update readme
2022-05-22 10:59:48 +03:00

README.md

Prometheus Kubescape Integration

  1. Deploy kubescape

    kubectl apply -f ks-deployment.yaml

    Note

    Make sure the configurations suit your cluster (e.g. serviceType, etc.)

  2. Deploy kube-prometheus-stack

    helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
helm repo update
kubectl create namespace prometheus
helm install -n prometheus kube-prometheus-stack prometheus-community/kube-prometheus-stack --set prometheus.prometheusSpec.podMonitorSelectorNilUsesHelmValues=false,prometheus.prometheusSpec.serviceMonitorSelectorNilUsesHelmValues=false

  3. Deploy pod monitor

    kubectl apply -f podmonitor.yaml

Metrics

All kubescape related metrics begin with kubescape

riskScore is the output of an algorithm calculating the risk of the vulinrability. 0 indicates there is no risk and 100 indicates highest risk.

Cluster scope metrics

Overall risk score
# Overall riskScore of the scan
kubescape_cluster_riskScore{} <risk score>
Overall resources counters
# Number of resources that failed 
kubescape_cluster_count_resources_failed{} <counter>

# Number of resources that where excluded
kubescape_cluster_count_resources_excluded{} <counter>

# Number of resources that passed
kubescape_cluster_count_resources_passed{} <counter>
Overall controls counters
# Number of controls that failed 
kubescape_cluster_count_controls_failed{} <counter>

# Number of controls that where excluded 
kubescape_cluster_count_controls_excluded{} <counter>

# Number of controls that passed
kubescape_cluster_count_controls_passed{} <counter>

Frameworks metrics

Frameworks risk score
kubescape_framework_riskScore{name="<framework name>"} <risk score>
Frameworks resources counters
# Number of resources that failed 
kubescape_framework_count_resources_failed{} <counter>

# Number of resources that where excluded
kubescape_framework_count_resources_excluded{} <counter>

# Number of resources that passed
kubescape_framework_count_resources_passed{} <counter>
Frameworks controls counters
# Number of controls that failed 
kubescape_framework_count_controls_failed{name="<framework name>"} <counter>

# Number of controls that where excluded 
kubescape_framework_count_controls_excluded{name="<framework name>"} <counter>

# Number of controls that passed
kubescape_framework_count_controls_passed{name="<framework name>"} <counter>

Controls metrics

Controls risk score
kubescape_control_riskScore{name="<control name>",url="<docs url>",severity="<control severity>"} <risk score>
Controls resources counters
# Number of resources that failed 
kubescape_control_count_resources_failed{name="<control name>",url="<docs url>",severity="<control severity>"} <counter>

# Number of resources that where excluded
kubescape_control_count_resources_excluded{name="<control name>",url="<docs url>",severity="<control severity>"} <counter>

# Number of resources that passed
kubescape_control_count_resources_passed{name="<control name>",url="<docs url>",severity="<control severity>"} <counter>
Reference in New Issue View Git Blame Copy Permalink