Investigate

With Sysdig Secure On-Premises v4.0, an optional feature has been introduced called Rapid Response. It enables designated users to remote connect into a host from within the Sysdig Secure interface. For on-prem users who enable this functionality, their menu options will differ from earlier versions and from the SaaS version. This section describes those options and changes.

With Sysdig Secure SaaS (June, 2021), the Activity Audit and Capture modules have been moved into Investigate.

On-Prem Overview

If Sysdig Secure On-Prem v.4.0.0 is installed and the Rapid Response feature flag has been enabled by Sysdig Support, the following differences will appear in the Sysdig Secure UI for designated users:

Left navigation: Captures is replaced by Investigate
The Captures feature is now a subset of the Investigate module, along with the new Rapid Response feature.
Rapid Response pages: Accessed from the Investigate module, the Start Session and Session Log pages have been added. See Rapid Response for details.

SaaS Overview

Activity Audit and Captures features are now both subsets of the Investigate module. See also: June 9, 2021.

Feedback

Was this page helpful?

Glad to hear it! Please tell us how we can improve.

Sorry to hear that. Please tell us how we can improve.

Investigate

On-Prem Overview

SaaS Overview

Topics in This Section

Activity Audit

Captures

Rapid Response

Feedback