Welcome to another edition of What’s New in Sysdig in 2022! The “What’s new in Sysdig” blog is now under my control! Hello, I’m Wes MacKay, a Sales Engineer based out of Dallas, TX working with the Sysdig US West Corporate team. I’m way too passionate about containerization, personal cloud storage, and automating my home life. In my spare time, I’m always looking for better Thai and Sushi restaurants in my area.
This month’s highlights include a new feature Sysdig Advisor for faster troubleshooting and Container Drift for detecting deviation of code in runtime.
Sysdig Platform Architecture
Sysdig Platform Audit Trail
We are happy to announce that Sysdig Platform Architecture now supports the capability of tracking, logging, and reporting on all changes in the system. This is enabled by default for all SaaS customers. Event forwarding support for this feature will also be included in the near future.
For additional information, please visit our Release notes for Secure and Monitor.
We’re excited to announce Advisor, a new Kubernetes troubleshooting product in Sysdig Monitor, that accelerates troubleshooting by up to 10x. Advisor displays a prioritized list of issues and relevant troubleshooting data to surface the biggest problem areas and accelerate time to resolution.
Advisor is now available to all customers at no additional cost, and additional troubleshooting features will be added over the coming weeks.
Enhanced Metric Store
Sysdig has launched our next generation metric store, introducing a number of new features, as well as changes to and removal of some features in Sysdig Monitor.
Some improvements include:
Metrics are now unified in a Prometheus compatible naming convention.
Existing dashboards, alerts, and notifications will be automatically migrated to the new naming convention.
Queries will perform faster and handle larger volumes of data.
Number panels, tables, histograms, and toplist panels can now show the latest value for an entity.
You can display metrics with differently scraped intervals. For example 10s and 1m on the same graph.
Check out the Release Notes for the full list of new and changed features.
Sysdig Secure
Falco Rules
v0.67.1 is the latest version. Here there are some highlights of the changes from v0.50.5, which we covered in April.
Added the following rules:
v0.7.14 is still the latest release (Download Link). The instructions on how to use the tool and the release notes from previous versions are available at the following link:
https://sysdiglabs.github.io/sysdig-platform-cli/
AWS Sysdig Secure for Cloud: v0.8.2 is still the latest release.
GCP Sysdig Secure for Cloud: v0.8.5 is still the latest release.
Azure Sysdig Secure for Cloud: v0.8.0 is still the latest release.
Note: Azure Sysdig Secure for Cloud includes a breaking change to align to the new v3.0 version of the AzureRM Provider.
Sysdig CLI Scanner binary has been updated to v1.0.2
Note: If you are using this binary for local scanning in your development environment or your pipeline does not automatically pull the latest binary, we recommend you update. Follow the instructions in the documentation to retrieve the latest binary. The documented steps work well in a pipeline too when your CI/CD pipelines can access the Internet.
Documentation – https://docs.sysdig.com/en/docs/sysdig-secure/vulnerabilities/pipeline/
Image Analyzer
Sysdig Image analyzer has been updated with security patches.
feat: Updated helm charts with new exporters image tags for security updates
fix: Added filter to drop Portworx metrics in Prometheus default job
fix: Added label kube_namespace_name correctly to kubelet PVC metrics
feat: Updated the exporter image tags in the helm charts
feat: Optimized metrics sent by Kubelet and kubelet-PVC jobs
feat: Increased scrape interval of Kubelet to one minute
refactor: In KSM helm chart, removed remote-write label in KSM recording rules which are not needed in dashboards or alerts
fix: Dashboard names in list of dashboards of an integration
fix: Improved documentation and fix typos in integration wizard
fix: Changed nginx-ingress metric that detects reporting metrics for nginx_ingress_controller_nginx_process_cpu_seconds_total, as this is always present
fix: Improved CoreDNS Prometheus job to be detected in IKS clusters
fix: Changed troubleshooting metrics in some integrations for metrics inside the filter of the Prometheus job
Dashboards and alerts:
feat: Added Kubernetes scope to troubleshooting dashboard templates
feat: Deprecated the legacy troubleshooting dashboard templates for MongoDB and SQL
fix: Removed no useful disks from ‘Kubernetes Node Status & Performance’ dashboard
fix: Added filter to exclude containers FS in ‘File System Usage & Performance’ dashboard template. Also added cluster scope and changed table panel position.
fix: Typo in Dashboards: “Workload Status & Performance” and “KSM Workload Status & Performance”
fix: In Dashboard “Workload Status & Performance”, removed the scope of method in the “HTTP Requests Count per Workload” panel
fix: Fixed query in “Unused Requested CPU by all Replicas of a container“ panel in “Cluster Capacity Planning” Dashboard
fix: Removed duplicate files for “PCV and Storage” dashboard template
fix: Text in banner for Workload Kubernetes dashboard template
feat: Changed OOTB K8s dashboards to use “is” vs. “in” scoping to improve performance. Dashboards changed:
Cluster/Namespace Available Resources
Cluster Capacity Planning
Pod Rightsizing & Workload Capacity Optimization
Pod Scheduling Troubleshooting
Kubernetes HPA
fix: In Cluster Capacity Planning dashboard, only added the containers with limits/requests in certain panels
fix: In dashboard “Kubernetes CoreDNS” review the label “job” used in some panels
An ad blocking extension or strict tracking protection is preventing this form from loading. Please temporarily disable ad blocking or whitelist this site, use less restrictive tracking protection, or enable JavaScript to load this form. If you are unable to complete this form, please email us at [email protected] and a sales rep will contact you.
