Skip to content

Release v0.0.-128

Latest
Latest
Compare
Choose a tag to compare
@github-actions github-actions released this 18 Dec 07:06
· 2 commits to main since this release
v0.0.-128
a63a525
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.

Overview

Currently the Prometheus Exporter only provides metrics on a cluster and namespace level. We find it useful to also have an overview on a workload level which gives the possibility to know which exact Deployment has the most vulnerabilities or define custom alerts.

According to the existing metrics name pattern a new suffix is introduced for Vulnerabilities and ConfigurationScans like:

  • kubescape_controls_total_workload_<severity>
  • kubescape_vulnerabilities_total_workload_<severity>
  • kubescape_vulnerabilities_relevant_workload_<severity>

Additional Information

Initial discussion started here:
https://cloud-native.slack.com/archives/C04GY6H082K/p1733500846063089

How to Test

Examples/Screenshots

This is how the metrics are exported via /metrics endpoint. Note the value is a dummy.

kubescape_controls_total_workload_medium{namespace="monitoring",workload="promtail",workload_kind="serviceaccount"} 1
kubescape_vulnerabilities_total_workload_critical{namespace="monitoring",workload="promtail",workload_kind="daemonset"} 2
kubescape_vulnerabilities_relevant_workload_medium{namespace="monitoring",workload="promtail",workload_kind="daemonset"} 3
Assets 2
Loading