Secure Subscription
To access the Subscription page:
Log in as administrator to Sysdig Secure.
Select Settings > Subscription via the user menu in the bottom left corner.
Your current subscription information is displayed.
If you also have access to Sysdig Monitor, you can see its subscription details by clicking the Go to Monitor button on the top right. Read about the content of that page in Monitor Subscription.
Subscription Details
Under Subscription Details, you can find:
- Your product: Sysdig Monitor, or Sysdig Platform (Sysdig Secure and Sysdig Monitor).
- Your tier.
- The contract billing cycle.
- The number of reserved and on-demand resources included in your Sysdig subscription. Specifically regarding the Secure product:
- Units
- Host Agents (alternative to Units)
- Serverless agents (alternative to Units)
- Sysdig Sage prompts
- Runtime Data Retention
Download Usage
On the Subscription page, click Download Usage to download usage history for:
- The current month to date.
- The current month to date & the previous month.
- The current month to date & the previous two months.
- The current month to date & the previous six months.
This information is formatted as a comma-separated values (CSV) file. Details about the content are available in Reference: Usage report content.
Usage
Under the Subscription Details section, you can find the usage for each resource included in your subscription, depending on the product.
Platform subscriptions will have Monitor and Secure resources in their entitlement.
Monitor and Secure resources (related to both, depending on the Product and Tier):
- Host Agents: Reserved and on-demand host agents. See Host Agent Licenses.
- Active host agents deployment type overview: Currently connected agents breakdown per deployment type. See Active host agents deployment type overview.
- Host Agents - Previous Hour: Reserved and on-demand for the previous hour.
Monitor resources:
- Time Series - Previous Hour: Applicable to Monitor only. See Time Series Billing.
Secure resources:
- Units: Number of units connected. See Units.
- Compute Resources: Number of Compute Resources across all Cloud accounts. See Compute Resources.
- Cloud Logs - Month to Date: Number of analyzed log events per month. See Cloud Logs.
- Container as a Service usage: Container as a Service (CaaS) usage month to date (AWS Fargate, Google Cloud Run, and Azure Container Apps). Applicable to Secure only. See CaaS usage.
- Sysdig Sage: Number of prompts submitted for the current month, over the available entitlement. For more details, see Sysdig Sage.
Units
Depending on your subscription tier, the Unit section may be visible. Here, you can compare Unit usage and entitlement.
- The bar on the left shows the connected Units over those reserved.
- The bar on the right on the right shows the on-demand Units, if included in the subscription. Units exceeding the reserved entitlement will show up as On-demand Units being used.
- The bottom left displays a resource breakdown. Use this to learn how the Units are allocated across the different resource types in the environment: Hosts, Serverless Container instances and Serverless Functions
- The bottom right illustrates a further break down where you can see how units are connected for each different resource type. This helps you getting the most of your licensing, ensuring all the resources have the full coverage.
Units round up to the nearest whole number.
Host Agents
Host agents entitlement and usage is reported in two sections:
- Host Agents - Current Usage
- Active host agents deployment type overview
Current Usage
The section displays the number of currently connected agents, compared to the entitlement.
The bar on the left represents the agents included in the subscription, showing you how many slots you're currently using, compared to those that are available.
On the right, the on-demand bar shows you how many additional agents you can connect, on top of the reserved entitlement. If your contract doesn't include on-demand usage, this will be disabled, meaning that you can only fill the reserved available slots, after which, additional connections will be refused.
Active Host Agents Deployment Type Overview
This bar breaks down the currently deployed agents into different types:
- Containerised: The number of agents running in a containerized environment.
- Non-containerised - The number of agents running in a non-containerised environment.
- Unspecified - The number of agents running in an unknown environment. Update Sysdig Agent to version 12.18.0 or later to receive environment information.
Agent Connections
Agents connect on a first-come, first-served basis. In the event of an over-subscription (more agents wanting to communicate than are licensed), they will attempt to reconnect on a periodic basis. Once an existing communicating instance goes down and disconnects, the next agent in the queue will connect.
When shutting down a host for any reason, the agent's license will not be immediately released. This permits the agent to retain its licensing slot for short outages or a reboot. The time-out interval can take up to 20 minutes, and if the connection has not been re-established within the interval the license will be released for use by the next host waiting to connect.
The distinction between reserved and on-demand agents is financial, not technical; when on-demand agents are used they perform exactly like reserved agents.
Compute Resources
The Compute Resources bar displays the number of compute instances in the connected Cloud accounts and the Compute Resources in your entitlement.
This amount is regularly refreshed and based on the resources in Inventory.
Cloud Logs
Cloud Logs shows the amount of logs processed in the current month over the total, based on your entitlement.
The amount this entitlement refers to is the number of log entries the customer sends from their environment to Sysdig for processing. This therefore doesn’t include anything processed locally by components such as the Sysdig Shield.
Using the three-dots menu on the right, you can download a 6-month usage report, including the data up to the current month-to-date.
For more details about the content available, see Reference: Usage report content.
Container as a Service usage
The Container as a Service (CaaS) usage bars display the individual usage of each CaaS type, and the remaining availability, for the current month to date.
Three types of CaaS are supported by Sysdig:
- AWS ECS Fargate, metered per Task
- Google Cloud Run Container-type Services, metered per instance
- Azure Container Apps, metered per replica
Sysdig only displays the types that are applicable to you, for which we have recorded usage.
The entitlement is provided in instances-hours for the month. Each instance connected consumes this availability, with minute-level granularity:
- 2 instances connected for 60 minutes count as 2-instances-hour
- 2 instances, connected for a total of 30 minutes during the hour, each, count as 1-instance-hour
See Linux on Serverless for more information about serverless agents.
Sysdig Sage
Sysdig Sage is metered per prompt. The bar will show the prompts inputted by users over those included in the subscription for the current month.
Learn more about Sysdig Sage in here.
Reference: Usage report content
The Usage report contains data across all the different meters in the page, therefore being based on what’s included in the entitlement:
- Standard Columns, available to everyone
- Time Series Billing Columns, available when Time Series billing is enabled (Platform customers only)
- Container as a Service Columns, available when Serverless agents are included in the subscription
- Sysdig Sage Columns, available when Sysdig Sage is included in the subscription The report has one row per hour, sorted from the most to the least recent.
Standard Columns
Every usage history CSV file has the following columns:
| Field name | Description |
|---|---|
customer_id | Internal Customer ID |
time_from | Start time for the hourly usage record (UTC) |
time_to | End time for the hourly usage record (UTC) |
units_used | Units connected, across all resources and integrations |
reserved_agents | Agents included in the license base entitlement |
on_demand_agents_connected | Connected on-demand agents for the given period |
total_agents_connected | Connected agents, either reserved or on-demand |
on_demand_agents_limit | Limit of additional on-demand agents that can be connected |
cloud_logs_used | Volume of logs ingested since the beginning of the month |
compute_resource_limit | Compute resources included in the entitlement. 0 for Unit-based licenses |
ec2_instances_used | Number of AWS hosts connected as of the last scan |
compute_instances_used | Number of GCP and OCP hosts connected as of the last scan |
virtual_machines_used | Number of Azure hosts as of the last scan |
cspm_total_compute_resource_count | Total amount of Cloud hosts connected as of the last scan, for Unit-based licenses |
agentless_ecs_container_count | Number of ECS Fargate Tasks connected as of the last scan, for Unit-based licenses |
agentless_cloud_run_container_count | Number of Google Cloud Run container instances as of the last scan, for Unit-based licenses |
agentless_azure_container_count | Number of Azure Container Apps, as of the last scan, for Unit-based licenses |
agentless_caas_count | Total number of Container as a Service instances as of the last scan, for Unit-based licenses |
agentless_lambda_function_count | Number of FaaS instances in AWS as of the last scan, for Unit-based licenses |
agentless_cloud_function_count | Number of FaaS instances in GCP as of the last scan, for Unit-based licenses |
agentless_azure_function_count | Number of FaaS instances in Azure as of the last scan, for Unit-based licenses |
agentless_faas_count | Total amount of FaaS instances connected as of the last scan, for Unit-based licenses |
Time Series Billing Columns
The following columns are found in the usage history file when time series billing is enabled, in Platform subscriptions:
| Field name | Description |
|---|---|
included_timeseries_per_agent | Time series per hour included in the agent price |
prepaid_timeseries | Pre-paid time series per hour |
total_reserved_timeseries | Total entitled time series per hour (included in the agent price and pre-paid) |
total_used_timeseries | Time series ingested during the hour |
used_timeseries_over_reserved | Time series overage (over total entitled) |
Container as a Service Columns
The following columns are available in the usage history file when Container as a Service (CaaS) billing is enabled, for non-Units-based subscriptions:
| Field name | Description |
|---|---|
ecs_fargate_agent_usage_minutes | Sum of all Fargate Agent workload minutes during the hour |
gcp_run_agent_usage_minutes | Sum of all Google Cloud Run Agent minutes during the hour |
aca_agent_usage_minutes | Sum of all Amazon Container Apps Agent minutes during the hour |
agent_caas_minutes | Sum of all Amazon Container Apps Agent minutes during the hour |
Sysdig Sage Columns
The following columns are available in the usage history file when Sysdig Sage is enabled:
| Field name | Description |
|---|---|
sage_prompts_limit | Maximum number of allowed prompts |
sage_prompts_used | Used number of prompts |
Reference: Cloud Logs report content
The report contains a row per day, with the sum of cloud logs Sysdig received for that day The following columns are available in the Cloud Logs usage report:
| Field name | Description |
|---|---|
date | Day the logs refer to |
cloud_logs_used | Log volume for date across all integrations |
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.
