Axonius Documentation
Start typing to search…

Sysdig - Secure

Sysdig is a monitoring, troubleshooting, cost-optimization, and alerting suite for containers, cloud, and Kubernetes environments.

Asset Types Fetched

  • Devices, Vulnerabilities, Users, Software, SaaS Applications, Compute Services

Before You Begin

Ports

  • TCP port 443

Authentication Method

  • Token

APIs

Axonius uses the Sysdig Secure API.

Permissions

Consult with your vendor for the exact permissions to fetch the objects.

Supported From Version

Supported from Axonius version 6.1.27.0

Connecting the Adapter in Axonius

To connect the adapter in Axonius, provide the following parameters:

Required Parameters

  1. Host Name or IP Address (default: https://app.sysdigcloud.com) - The hostname or IP address of the Sysdig Secure server.

  2. Token - The credentials for a user account that has permission to fetch assets.

  3. Client Type - Select the type of client.

Sysdig Secure

Optional Parameters

  1. Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.

  2. HTTPS Proxy - Connect the adapter to a proxy instead of directly connecting it to the domain.

  3. HTTPS Proxy User Name - The user name to use when connecting to the value supplied in Host Name or IP Address via the value supplied in HTTPS Proxy.

  4. HTTPS Proxy Password - The password to use when connecting to the server using the HTTPS Proxy.

To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

Advanced Settings

📘

Note

Advanced settings can either apply to all connections for this adapter, or to a specific connection. Refer to ​Advanced Configuration for Adapters.

  1. Fetch Devices of sub type host from Hosts Endpoint - Enable to fetch Hosts (Devices).
  2. Fetch Devices of sub type workflow_host from Workflows Hosts - Enable to fetch Hosts from the Workflow endpoint. When this is enabled, the following option also becomes available:
    • Enrich Workflows Hosts with Result Details Endpoint - Enable to enrich Workflow Hosts with vulnerabilities information.
  3. Fetch ComputeServices of sub type namespace from Namespaces Endpoint - Enable to fetch Compute Services from the Namespaces endpoint. When this is enabled, the following options also become available:
    • Enrich Namespaces Endpoint with Results Endpoint - Enable to enrich Namespaces (Compute Services) with vulnerabilities information.
    • Enrich Results Endpoint with Result Details Endpoint - Enable to fetch Vulnerabilities for Compute Services (Containers). This setting is required in addition to Enrich Namespaces Endpoint with Results Endpoint in order to fetch Vulnerabilities for Containers fetched from the Namespaces endpoint.
  4. Fetch ComputeServices of sub type workflow_container from Workflows Containers - Enable to fetch Compute Services from the Containers endpoint. When this is enabled, the following option also becomes available:
    • Enrich Workflows Containers with Result Details Endpoint - Enable to enrich containers (Compute Services) with vulnerabilities information.
  5. Fetch Users from User Details Endpoint - Enable this option to fetch users.
📘

Note

To learn more about Adapter Configuration tab advanced settings, see Adapter Advanced Settings.

Updated 3 days ago