This the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

Configure Benchmark Tasks (v1)

    Use a Benchmark Task to define:

    • the type of benchmark test to be run

    • the scope of the environment to be checked

    • the scheduled test frequency

    • the format in which you want to view the results report.

    Once a task has been set up, it will run tests automatically on the scheduled timeline. You can also trigger the task manually.

    Schedule an Automated Benchmark Test

    Create a Task

    1. From the Benchmarks module, select the Schedule icon.

      The Schedule list (of existing tasks) is displayed.

    2. Click +Add Task and define the task parameters on the New Task page:

      • Name: Create a meaningful name.

      • Type: Select Docker Benchmark , Kubernetes Benchmark, or Linux Benchmark, despending on your environment.

      • Schedule: Choose a frequency and time to run the test.

      • Scope: Choose Everywhere, or narrow the scope as needed.

        (See also Using Labels .)

      • Report: Select how you want to view the test results in the report.

        • All Tests: means that no filter will be applied to the Report.

          Sysdig will automatically apply the correct version of the benchmark test for your environment, based on the version of Kubernetes or Docker where the agent is installed.

        • Custom Selection: LEGACY: means that you will Filter Report Results .

          After agent 9.7.0, the custom selection also defines what parts of the test will run.

    3. Click Save.

    One Task, One Test, One Environment

    To run benchmarks on environments with different Kubernetes versions, create a separate task for that scope and version. Sysdig cannot run tests for multiple versions in a single task.

    Filter Report Results

    Note that the full CIS benchmark test will be run, even when the Report view is filtered.

    1. From the Benchmarks module, select the Schedule icon and either select or create a Task.

      The Task configuration page is displayed.

    2. For Report, choose Custom Selection.

    3. Choose the appropriate CIS benchmark version from the drop-down menu (based on the Type chosen).

      See About Benchmark Versions for details.

    4. Filter results as desired.

      1. Optional: Choose a Profile Level (1 or 2).

        Select Profile Level 1 to view only high-vulnerability results.

        Select Profile Level 2 to view only the lower-level results that were excluded from Level 1.

        Select All (no profile filter) to view complete results.

        See also: About Profile Levels.

      2. Optional: Select/deselect individual controls as desired.

      3. Optional: Select All to clear previous selections and begin again.

    5. Click Save.

    Edit a Scheduled Task

    1. From the Benchmarks module, select the Schedule icon.

      The list of scheduled tasks is displayed.

    2. Select a task from the list and edit.

    Changing the Report filter settings for a task that has already been run will retroactively filter the existing report views.

    1. Click Save.

    Delete a Scheduled Task

    1. From the Benchmarks module, select the Schedule icon.

    2. On the relevant task, click the More Options (three dots) icon.

    3. Select Delete task and click Yes to confirm (or No to revert the change).

    Trigger a Manual Benchmark Test (Run Now)

    Rather than wait for the next scheduled time for a benchmark test to run, users can choose to run a benchmark test manually.

    1. From the Benchmarks module, select the Schedule icon.

    2. On the relevant task, click the Run Now (arrow) icon.

      A notification will state that the test was successfully run.

    3. Return to the Results tab and refresh the page after several minutes to see the results.