Investigate

As part of incident response, it is important to investigate the origin and consequences of security issues, and respond swiftly to threats. Use Sysdig Investigate to discover, understand, and respond to anomalous behaviors in your environment.

Use Sysdig Investigate to perform:

  • Activity Audit: Track commands, connections, and requests made to your Kubernetes API. You can view activity as an interactive graph and find more details in the event feed.
  • Captures: Create a snapshot of your environment at a moment in time. Use it to inspect activity and uncover more data.
  • Kubernetes Audit Logging: Use Kubernetes audit log data in the Events feed and the Activity Audit.