https://github.com/sysdiglabs/phantom-app-secure

Phantom application that integrates with Sysdig Secure
https://github.com/sysdiglabs/phantom-app-secure

Last synced: 2 months ago
JSON representation

Phantom application that integrates with Sysdig Secure

• Host: GitHub
• URL: https://github.com/sysdiglabs/phantom-app-secure
• Owner: sysdiglabs
• License: apache-2.0
• Created: 2019-04-07T22:44:05.000Z (about 6 years ago)
• Default Branch: master
• Last Pushed: 2019-04-26T06:50:48.000Z (about 6 years ago)
• Last Synced: 2025-01-23T01:22:19.301Z (4 months ago)
• Language: Python
• Size: 567 KB
• Stars: 0
• Watchers: 2
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

        
# Phantom Application for Sysdig Secure

This application integrates Phantom with [Sysdig Secure](https://sysdig.com/products/secure/) and allows you 

to create [capture files](https://sysdigdocs.atlassian.net/wiki/spaces/Monitor/pages/205684760/Captures) that can be

analyzed with [Sysdig Inspect](https://sysdig.com/opensource/inspect/) for further troubleshooting.

## Build 

If you want to build the application for a future installation into Phantom, execute:

```sh

$ make

```

This will create a file called `sysdig.tar.gz`.

## Install

Go to `Apps > Install App` and drag & drop the file `sysdig.tar.gz` into this box. Click on Install and it will be installed.

## Configure

Once you instsall it, you need to configure it. Look for `Unconfigured Apps` and click on `Configure New Asset`.

Give it a name and in the Asset Settings fill your Kubeconfig encoded in Base64, for example: 

```sh

$ cat kubeconfig | base64 -w 0; echo

```

Copy and paste the content into the input.

Set the number of seconds which Sysdig has to be capturing data, and fill the [API token](https://secure.sysdig.com/#/settings/user) from Sysdig Secure.