
What’s new in Sysdig – July 2022

Tom Linkin
Published: July 26, 2022

It's time for another publication of What's New in Sysdig in 2022! I'm in charge of the "What's new in Sysdig" blog for the month of July! Hello, I'm Tom Linkin, a Sr. Solutions Engineer based in the Poconos up in Pennsylvania. I joined the incredible group of people at Sysdig nine months ago and have been helping support sales in the greater NYC region ever since. As cloud security needs continue to evolve, so does Sysdig, and I can't wait for you to see what we have in store for the future!

This month's highlights include the addition of CloudWatch Metric Streams to Sysdig Monitor. There have also been plenty of updates to the various components in the Sysdig ecosystem.

Sysdig Monitor

Integrate AWS CloudWatch metric streams

Sysdig Monitor can now ingest metrics directly from Kinesis Firehose, allowing you to fully integrate all your existing AWS service metrics into Sysdig Monitor.

Connecting cloud accounts in Sysdig Monitor. Go to

In addition, we have also released nine out-of-the-box dashboards and alerts for the following AWS CloudWatch Metric Streams services:

  • AWS ALB
  • AWS EBS
  • AWS ELB
  • AWS Fargate
  • AWS Lambda
  • AWS RDS
  • AWS S3
  • AWS SQS

For more information on collecting AWS metrics, see this blog.

Sysdig Secure

Stay tuned for exciting new developments in Sysdig Secure in the next edition of What's New.

This month, we have:

Falco rules

v0.74.3 is the latest version. Here are some highlights of the changes from v0.74.3, which we covered in June.

Created the following rules:

  • GCP App Engine Firewall Rule Deleted
  • GCP App Engine Firewall Rule Updated
  • GCP Create Cloud Function v2 Not Using Latest Runtime
  • GCP Create Cloud Function v2
  • GCP Compute Firewall Rule Deleted
  • GCP Compute Firewall Rule Updated
  • GCP Delete Compute VM Instance
  • GCP Update Cloud Function v2
  • Malicious Environment Variable in Spawned Process
  • nsenter Container Escape

Further details and the full changelog can be found on Sysdig documentation.

Sysdig Agents

The latest Sysdig Agent release is v12.7.1.

Please refer to our v12.7.1 Release Notes for further details.

SDK, CLI, and tools

Sysdig CLI

v0.7.14 is still the latest release. The instructions on how to use the tool and the release notes from previous versions are available at the following link:

https://sysdiglabs.github.io/sysdig-platform-cli/

Python SDK

v0.16.4 is the new release with some minor fixes and updates.

https://github.com/sysdiglabs/sysdig-sdk-python/releases/tag/v0.16.4

Terraform Provider

v0.5.39 is the newest release, which included a minor JSON fix.

Documentation – https://registry.terraform.io/providers/sysdiglabs/sysdig/latest/docs

GitHub link – https://github.com/sysdiglabs/terraform-provider-sysdig

Terraform Modules

AWS Sysdig Secure for Cloud has a new release! – v0.9.4 includes some minor fixes and new features.

GCP Sysdig Secure for Cloud has not changed and is still v0.9.0.

Azure Sysdig Secure for Cloud has not changed and is still v0.9.0.

Note: Please check release notes for potential breaking changes.

Falco Visual Studio Code Extension

v0.1.0 continues to be the latest release.

https://github.com/sysdiglabs/vscode-falco/releases/tag/v0.1.0

Sysdig Cloud Connector

Sysdig Cloud Connector has not changed and remains at release v0.16.11.

Check the list of changes to get full details.

Admission Controller

Sysdig Admission Controller has not changed and is still v3.9.5.

Documentation – https://docs.sysdig.com/en/docs/installation/admission-controller-installation/

Runtime Vulnerability Scanner

The new vuln-runtime-scanner has been updated to release v1.2.0.

Documentation – https://docs.sysdig.com/en/docs/sysdig-secure/vulnerabilities/runtime

Sysdig CLI Scanner

Sysdig CLI Scanner binary has been updated to v1.2.1.

Note: If you are using this binary for local scanning in your development environment or your pipeline does not automatically pull the latest binary, we recommend you update. Follow the instructions in the documentation to retrieve the latest binary. The documented steps work well in a pipeline too when your CI/CD pipelines can access the Internet. Really, it's best to assume there's always a new release!

Documentation – https://docs.sysdig.com/en/docs/sysdig-secure/vulnerabilities/pipeline/

Image Analyzer

Sysdig Image Analyzer has had a release! – v0.1.18.

Host Analyzer

Sysdig Host Analyzer has had a release! – v0.1.9.

Documentation: https://docs.sysdig.com/en/docs/installation/node-analyzer-multi-feature-installation/#node-analyzer-multi-feature-installation

Sysdig Secure Inline Scan for GitHub Actions

The latest release is still v3.4.0.

https://github.com/marketplace/actions/sysdig-secure-inline-scan

Sysdig Secure Jenkins Plugin

There has been a release! The latest version is now v2.1.16.

https://plugins.jenkins.io/sysdig-secure/

Prometheus Integrations

There have been a few releases in the Prometheus Integrations space since the last post. An aggregate of changes is below.

Integrations:

  • fix: Prometheus job of Kubernetes CoreDNS not being able to get metrics because of error in port endpoint
  • feat: Added metric to kubelet job
  • fix: Added php-fpm logo in the docs

Dashboards and alerts:

  • feat: Added updated "Time Series Usage" dashboard template to the repo
  • fix: AWS MetricStreams dashboard templates not being displayed
  • feat: Removed deprecated 'OutOfDisk' condition on Node Status and Performance dashboard
  • feat: Published alert templates for AWS MetricsStreams integrations:
    • ALB, EBS, ELB, ECS-Fargate, Lambda, RDS, S3, SQS
  • fix: Changed titles in panel of capacity planning dashboard to reflect only containers' resource usage
  • fix: Changed "sysdig_shares_count" per "kube_resources_requests" in all dashboard templates
  • fix: Fixed minor typo in a MySQL alert name

Exporter images:

  • fix: Error in JMX exporter image.
  • fix: Fixed port in Memcached exporter scratch image.
  • fix: Security updates in UBI images of all exporters:
    • Apache:
      • quay.io/sysdig/apache-exporter:v0.11.1-ubi
      • quay.io/sysdig/apache-exporter:v0.11.1
    • Elasticsearch:
      • quay.io/sysdig/elasticsearch-exporter:v1.3.4-ubi
      • quay.io/sysdig/elasticsearch-exporter:v1.3.4
    • Grok:
      • quay.io/sysdig/sysdig/grok-exporter:v1.0.4-ubi
      • quay.io/sysdig/sysdig/grok-exporter:v1.0.4
    • JMX:
      • quay.io/sysdig/promcat-jmx-exporter:v0.17.3-ubi
      • quay.io/sysdig/promcat-jmx-exporter:v0.17.3
    • Memcached:
      • quay.io/sysdig/memcached-exporter:v0.10.2-ubi
      • quay.io/sysdig/memcached-exporter:v0.10.2
    • MongoDB:
      • quay.io/sysdig/mongodb-exporter:v0.11.9-ubi
      • quay.io/sysdig/mongodb-exporter:v0.11.9
    • MySQL:
      • quay.io/sysdig/mysql-exporter:v0.14.1-ubi
      • quay.io/sysdig/mysql-exporter:v0.14.1
    • NGINX:
      • quay.io/sysdig/nginx-exporter:v0.10.1-ubi
      • quay.io/sysdig/nginx-exporter:v0.10.1
    • Node exporter:
      • quay.io/sysdig/node-exporter:v1.2.4-ubi
      • quay.io/sysdig/node-exporter:v1.2.4
    • NTP:
      • quay.io/sysdig/ntp-exporter:v2.0.4-ubi
      • quay.io/sysdig/ntp-exporter:v2.0.4
    • PHP-FPM:
      • quay.io/sysdig/php-fpm-exporter:v2.3.2-ubi
      • quay.io/sysdig/php-fpm-exporter:v2.3.2
    • PostgreSQL:
      • quay.io/sysdig/postgresql-exporter:v0.10.8-ubi
      • quay.io/sysdig/postgresql-exporter:v0.10.8
    • Redis:
      • quay.io/sysdig/redis-exporter:v1.43.1-ubi
      • quay.io/sysdig/redis-exporter:v1.43.1

Sysdig On-Premise

The 5.1.2-2 release is the latest for on-prem installs.

This release adds support for OpenShift 4.10.

The full release notes can be found here: Sysdig Docs or GitHub.
