< back to blog

Announcing Sysdig 0.5.0

Gianluca Borello
Announcing Sysdig 0.5.0
Published by:
Gianluca Borello
@
linkedin
Announcing Sysdig 0.5.0
@
linkedin
Announcing Sysdig 0.5.0
Published:
November 6, 2015
Table of contents
falco feeds by sysdig

Falco Feeds extends the power of Falco by giving open source-focused companies access to expert-written rules that are continuously updated as new threats are discovered.

learn more

New and updated features

  • Full Kubernetes support!
  • --k8s-api command line option: specify the Kubernetes API server endpoint
  • -pk: Kubernetes-friendly output format

New display/filter fields

  • k8s.pod.name: Kubernetes pod name.
  • k8s.pod.id: Kubernetes pod id.
  • k8s.pod.label: Kubernetes pod label. E.g. 'k8s.pod.label.foo'.
  • k8s.pod.labels: Kubernetes pod comma-separated key/value labels. E.g. 'foo1:bar1,foo2:bar2'.
  • k8s.rc.name: Kubernetes replication controller name.
  • k8s.rc.id: Kubernetes replication controller id.
  • k8s.rc.label: Kubernetes replication controller label. E.g. 'k8s.rc.label.foo'.
  • k8s.rc.labels: Kubernetes replication controller comma-separated key/value labels. E.g. 'foo1:bar1,foo2:bar2'.
  • k8s.svc.name: Kubernetes service name (can return more than one value, concatenated).
  • k8s.svc.id: Kubernetes service id (can return more than one value, concatenated).
  • k8s.svc.label: Kubernetes service label. E.g. 'k8s.svc.label.foo' (can return more than one value, concatenated).
  • k8s.svc.labels: Kubernetes service comma-separated key/value labels. E.g. 'foo1:bar1,foo2:bar2'.
  • k8s.ns.name: Kubernetes namespace name.
  • k8s.ns.id: Kubernetes namespace id.
  • k8s.ns.label: Kubernetes namespace label. E.g. 'k8s.ns.label.foo'.
  • k8s.ns.labels: Kubernetes namespace comma-separated key/value labels. E.g. 'foo1:bar1,foo2:bar2'.

New csysdig views

  • Kubernetes Controllers
  • Kubernetes Namespaces
  • Kubernetes Pods
  • Kubernetes Services

Misc

  • Add a convenient USE_BUNDLED_DEPS CMake option to enable/disable all bundled dependencies at once.
  • New build/runtime dependencies: libb64, libcurl, openssl.

Known issues

  • The Kubernetes state is not yet serialized to a trace file, this will come over the next release. Thus, if you take a trace file, be sure to still use -k in conjunction with -r to make sure the Kubernetes data is fetched from the API server when reading it.

Downloads

Sources

Release detailsUpdate instructionsInstallation instructionsSource code

Support

Community support is available on the sysdig mailing list.Bugs and issues can be submitted through github.

About the author

No items found.
recursos destacados

Test drive the right way to defend the cloud
with a security expert

OBTENER UNA DEMOSTRACIÓN