Installation
Sysdig Installation Guides
This guide describes deployment options for various Sysdig components.
For Sysdig Secure and Sysdig Monitor
For Sysdig Secure Only
Node Analyzer: Multi-Feature Installation for compliance benchmarks, runtime scanner, as well as for the legacy-engine host scanner and image analyzer.
Admission Controller for enhanced scanning on the legacy engine and Kubernetes audit logging (both new and old engines).
Rapid Response allows designated Advanced Users to remote connect into a host
Serverless Agents for container-based cloud environments such as Fargate.
Secure for Cloud Only
Sysdig Secure for Cloud connection components: CIS Benchmarks, threat detection based on cloud provider native logs and compute resources, and registry image scanning.
Sysdig Installation Component Index
This section helps identify the components you must install to use various Sysdig features.
Sysdig Monitor
| Features | Installation Components |
|---|---|
| Advisor / Overview Dashboards Explore Alerts Prometheus Service Discovery Events | Sysdig Agent. Alternatively, you can use Prometheus Remote Write. While you can use Sysdig Monitor with Prometheus Remote Write, system metrics, extended label set, and the scope tree will not be available as it does not collect syscall events. |
| AWS CloudWatch Metrics | None. Configured in the Sysdig Monitor UI. |
Sysdig Secure
To take advantage of Sysdig Secure’s latest features, including Vulnerability Management and Actionable Compliance, use the sysdig-deploy helm chart. Currently, helm is the only supported installation method to avail the latest features.
The helm chart includes sub-charts for the following:
Sysdig Secure for Cloud components have their own install procedures, depending on the cloud environment.
Runtime Security / Threat Detection
Compliance and Benchmarks
| Features | Installation Components |
|---|---|
| Compliance (New module, GA) | KSPM Analyzer & KSPM Collector |
| Unified Compliance (Legacy version ) Compliance Checks – Workload Benchmarks - Host / Workload | Node Analyzer – Benchmark Runner |
| Compliance Checks – Cloud | Sysdig Secure for Cloud |
| Benchmarks - Cloud | Sysdig Secure for Cloud |
| CIEM/ Identity and Access | Sysdig Secure for Cloud |
Vulnerability Management - New Engine
| Features | Installation Components |
|---|---|
| Runtime | Node Analyzer - Sysdig Runtime Scanner |
| Reporting | Node Analyzer - Sysdig Runtime Scanner |
| Build Pipeline (CLI scanner) | Sysdig-cli-scanner |
| Registry Scanning on AWS ECS | Sysdig Secure for cloud |
| Host Scanning (Preview) coming soon |
Response
| Features | Installation Components |
|---|---|
| Forensic Investigation (Captures) | Sysdig Agent |
| Rapid Response | Rapid Response |
Vulnerability Management - Legacy Engine
| Components Not Yet in New Engine | ||
|---|---|---|
| Host Scanning | Node Analyzer – Host Scanner | |
| Deployment time VM Policy Enforcement | Sysdig Admission Controller | |
| Components Replaced by New Engine Equivalents | ||
| Image Analyzer (Runtime Scanner) | Node Analyzer- image-analyzer | |
Build Pipeline / Inline Scanning (cli-scanner) | secure-inline-scan |
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.