Host Scanner

This page describes how to install the Sysdig Host Scanner on non-Kubernetes hosts using containers. The Host Scanner is used to scan for vulnerabilities on hosts, in addition to the default runtime scanner on containers.



Run the following Docker command to deploy the Sysdig Host Scanning container:

docker run --detach -e HOST_FS_MOUNT_PATH=/host -e SYSDIG_ACCESS_KEY=<access-key> -e SYSDIG_API_URL=<sysdig-secure-endpoint> -e SCAN_ON_START=true -v /:/host:ro --uts=host --net=host$(curl -L -s

This command will download and start the Sysdig Host Scanning container, passing in environment variables for the access key, Sysdig Secure endpoint, and other configuration options.

Once the container is running, the scanner will begin scanning your host for vulnerabilities and providing security recommendations. You can view the results in the Sysdig Secure UI.

Results will be shown within 12 hours of installation - scans are refreshed every 12 hours.

Next Steps

Use the Host Scanner in the Sysdig Secure UI