Configuration Library

The Sysdig configuration library lists all the major configuration supported by the Sysdig agent components. This document is evolving and will be updated as new configurations are added to the product.

Sysdig Agent

Generic Configuration

Configurationdragent.yamlHelmDescriptionDefault and Example
Clusterk8s_cluster_nameglobal.clusterConfig.name

Identifier for the Kubernetes cluster where you install the agent. For more information, see Agent Configuration.

For example, ec2_cluster

Access Keycustomeridglobal.sysdig.accessKey

See Sysdig Agent Access Keys to learn how to retrieve the agent keys.

SecretN/Aglobal.sysdig.accessKeySecretThe name of a Kubernetes secret containing an access-key entry.
RegionN/Aglobal.sysdig.region

The SaaS region where the agent is installed. Possible values: us1, us2, us3, us4, eu1, au1, and custom. See Regions and IP Ranges for more information.

us1
Global Tagstagsglobal.sysdig.tags

Sets the global tags which can override agent tags. See Quick Install Sysdig Agent for more information

Agent TagstagsThe list of tags to identify the host where the agent is installed. For example: role:webserver, location:europe, role:webserver. See Quick Install Sysdig Agent for more information.
Proxyhttp_proxyglobal.proxy.httpProxy

Allows the agent to communicate with Sysdig collector through anhttp_proxy. See Enable HTTP Proxy for Agents for more information.

HTTP Proxy Hosthttp_proxy.proxy_host

The host IP of the proxy server.

HTTP Proxy Porthttp_proxy.proxy_port

See Enable HTTP Proxy for Agents for more information.

http_proxy.proxy_user

See Enable HTTP Proxy for Agents for more information.

http_proxy.proxy_password

See Enable HTTP Proxy for Agents for more information.

http_proxy.ssl

See Enable HTTP Proxy for Agents for more information.

http_proxy.ssl_verify_certificate

See Enable HTTP Proxy for Agents for more information.

http_proxy.ca_certificate

See Enable HTTP Proxy for Agents for more information.

CollectorcollectorSettings.collectorHost

Enter the host name or IP address of the Sysdig collector service. Note that when used within dragent.yaml, must be lowercase collector.

See On-Premises Installation for more information.

Collector PortOn-prem only. The port used by the Sysdig collector service.6443

Monitor-Specific Configuration

Configurationdragent.yamlHelmDescriptionDefault and Example
StatsDstatsd

Controls StatsD metric collection.

enabled
statsd:
	blacklisted_ports

See StatsD for more information.

statsd:
	tcp_port

See StatsD for more information.

statsd:
  udp_port

See StatsD for more information.

Events
events:
  docker

Controls Event Collection metric collection.

events:
  kubernetes
Log
log:
  event_priority

Allows you to configure log levels metric collection.

log:
  console_priority
log:
  file_priority
Prometheus
prometheus:
  enabled

Controls Prometheus Native Service Discovery.

JMX
jmx:
  enabled

Controls JMX metrics collection.

App Checks
app_checks:
  enabled

Controls monitoring capabilities using App Checks.

KSM
k8s_extra_resources:
  - include
  ...

Enable and disable Kube State Metrics collection.

enabled
Go Eventsgo_k8s_user_events

Streamline Sysdig agent processing times and reduce CPU load.

false
Agent Console
command_line:
  enabled

Enable Agent Console to interact with the Sysdig agent to troubleshoot and investigate agent configuration problems quickly.

enabled

Secure-Specific Configuration

Configurationdragent.yamlHelmDescriptionDefault and Example

Falco Baseline

falcobaselinefalcobaselineenabled

Secure Audit Streams

secure_audit_streamssecure_audit_streamsenabled