Agent Configuration for Monitor
To apply configurations, see Configure the Agent.
StatsD
The statsd
parameter controls StatsD metric collection. It is enabled
by default.
The following configurations are available:
statsd:
blacklisted_ports
statsd:
tcp_port
statsd:
udp_port
statsd:
ip_address: 0.0.0.0
The value indicates that the StatsD server will accept incoming traffic from any IP, local or remote. Use this configuration to add the ability to send statsd messages to a host running the agent from a remote host, and for the agent to process the message as if they have originated on the host on which the agent is running.
By default, the agent includes a statsd server that listens on the loopback interface (127.0.0.1) for incoming statsd messages, which does not allow accepting messages originating from remote hosts. Use the ip_address: 0.0.0.0
configuration to change this default behavior.
Events
The events
parameter controls Event Metric Collection.
events:
docker
events:
kubernetes
Log
The log
parameter lets you configure log levels metric collection.
log:
event_priority
log:
console_priority
log:
file_priority
Prometheus
The prometheus
parameter controls Prometheus Native Service Discovery.
prometheus:
enabled
JMX
The jmx
parameter controls JMX metrics collection.
jmx:
enabled
App Checks
Controls monitoring capabilities using App Check.
app_checks:
enabled
KSM
Enable and disable Kube State Metrics (KSM) collection. It is enabled
by default.
k8s_extra_resources:
- include
...
Go Events
The go_k8s_user_events
parameter streamlines Sysdig agent processing times and reduce CPU load. The default is true
.
Agent Console
Enable Agent Console to interact with the Sysdig agent to troubleshoot and investigate agent configuration problems quickly
command_line:
enabled
Examples
Disable StatsD Collection
This example shows how to turn off StatsD collection and blacklist port 6443.
Sysdig agent uses port 6443 for both inbound and outbound communication with the Sysdig backend. The agent initiates a request and keeps a connection open with the Sysdig backend for the backend to push configurations, Falco rules, policies, and so on.
Ensure that you allow the agents’ inbound and outbound communication on TCP 6443 from the respective IP addresses associated with your SaaS Regions. Note that you are allowing the agent to send communication outbound on TCP 6443 to the inbound IP ranges listed in the SaaS Regions.
YAML Format
statsd:
enabled: false
blacklisted_ports:
- 6443
Single-Line Format
Use spaces, hyphens, and \n
correctly when manually converting to a single line:
ADDITIONAL_CONF="statsd:\n enabled: false\n blacklisted_ports:\n - 6443"
You can run a full agent startup Docker command in a single line as follows:
docker run
--name sysdig-agent \
--privileged \
--net host \
--pid host \
-e ACCESS_KEY=<ACCESS_KEY> \
-e COLLECTOR=<COLLECTOR_ADDRESS> \
-e TAGS=dept:sales,local:NYC \
-e ADDITIONAL_CONF="statsd:\n enabled: false\n blacklisted_ports:\n - 6443" \
-v /var/run/docker.sock:/host/var/run/docker.sock \
-v /dev:/host/dev \
-v /proc:/host/proc:ro \
-v /boot:/host/boot:ro \
-v /lib/modules:/host/lib/modules:ro \
-v /usr:/host/usr:ro \
quay.io/sysdig/agent
Add RabbitMQ App Check
This example helps you override the default configuration for a RabbitMQ app check.
YAML Format
app_checks:
- name: rabbitmq
pattern:
port: 15672
conf:
rabbitmq_api_url: "http://localhost:15672/api/"
rabbitmq_user: myuser
rabbitmq_pass: mypassword
queues:
- MyQueue1
- MyQueue2
Single-Line Format (echo | sed)
From a Bash shell, issue the echo
command and sed script.
echo "app_checks:
- name: rabbitmq
pattern:
port: 15672
conf:
rabbitmq_api_url: "http://localhost:15672/api/"
rabbitmq_user: myuser
rabbitmq_pass: mypassword
queues:
- MyQueue1
- MyQueue2
" | sed -e ':a' -e 'N' -e '$!ba' -e 's/\n/\\n/g'
This results in the single-line format to be used with ADDITIONAL_CONF
in a Docker command or DaemonSet file.
"app_checks:\n - name: rabbitmq\n pattern:\n port: 15672\n conf:\n rabbitmq_api_url: http://localhost:15672/api/\n rabbitmq_user: myuser\n rabbitmq_pass: mypassword\n queues:\n - MyQueue1\n - MyQueue2\n"
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.