Skip to content

Implement a rule based alerting system in Kubescape to send notifications (Monitoring phase) #23

New issue
New issue
Open
Open
Implement a rule based alerting system in Kubescape to send notifications (Monitoring phase)#23
Labels
help wantedExtra attention is needed
@matthyx

Description

@matthyx
matthyx
opened on Dec 10, 2024

Overview

Export enough data in Prometheus to allow using alert manager for sending alerts based on posture (vulnerabilities+configuration).

Problem

As a user of Kubescape I want to use Prometheus exporter to send alerts:

  • I want to get alerts when a privileged container is created.
  • I want to get notified when a new vulnerability is discovered on my workloads.
  • etc...

We're not (yet) convinced Prometheus metrics are the best tool to trigger alerts:

  • How to send an alert when a specific CVE appears?
  • Try to avoid creating individual metrics for each and every CVE...

Solution

Alternatives

  • CEL rules?
    • benefit: could be used in admissions too
    • drawback: need to write a rule engine
  • Kyverno or other admission controller solution?
    • not sure it will work with our CRDs
    • might need a full object returned from the watch

Additional context

We're looking for someone or an organization that has this need, and could help define requirements and use cases for this feature.
This is not necessary code contributions, but rather ideas and descriptions in plain English.

Activity

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Metadata

Assignees

No one assigned

    Labels

    help wantedExtra attention is needed

    Type

    No type

    Projects

    Kubescaping

    • Status

      Feature
    Roadmap

    • Status

      No status

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions