trivy-operator icon indicating copy to clipboard operation
trivy-operator copied to clipboard

Published 20 hours ago verified publisher icon aquasecurity

Provide Grafana Dashboard for Prometheus Metrics

Open Dentrax opened this issue 2 years ago • 8 comments

I was playing with the operator and couldn't find a Grafana Dashboard JSON file. As discussed in the https://github.com/aquasecurity/trivy-operator/issues/78, I just noticed this feature is very new and almost 1-week-old. https://github.com/aquasecurity/trivy-operator/pull/96/files by @erikgb

I propose we should provide a new Grafana Dashboard at Configuration section in docs. (screenshot included)

Are there any example dashboards created before? If not, I can get to it.

Dentrax avatar Jun 27 '22 08:06 Dentrax

It would be nice to add a Grafana dashboard, at least to show users an example on how to use the metrics produced by the operator. We have a dashboard for our internal operator, that we want to replace with trivy-operator - that could be a decent starting point. @mikaello

erikgb avatar Jun 27 '22 08:06 erikgb

@devopstales created three dashboards for their implementation of a trivy operator (trivy-operator); maybe they can be used as a starting point?

Screenshot:

screenshot custom trivy exporter grafana dashboard

movd avatar Jul 25 '22 09:07 movd

look very nice 🚀

chen-keinan avatar Jul 27 '22 12:07 chen-keinan

Interesting. Looking forward to seeing the dashboard released soon.

nthienan avatar Oct 01 '22 14:10 nthienan

Hello,

Any news about it ? Is someone working on it right now ?

LucasVanHaaren avatar Oct 13 '22 13:10 LucasVanHaaren

My colleague @pmarkiewka and I created a first version of a trivy op dashboard similar to the devopstales one: image Uploading with Grafana failed, so for now the source can be found in this gist.

We're still struggling with alerting, though. Did anyone of you succeed in alerting for new CVEs? We tried it, but ran into the issue that PromQL increase() considers creation of new timeseries as reset: prometheus/prometheus#1673. So we would miss the first CVE of each image version ☹️

Edit: Here's an example query to alert on:

increase(trivy_image_vulnerabilities{namespace="argocd-production", severity="Critical"}[5m])

BTW We shared what we learned about trivy op on myCloudogu.

schnatterer avatar Oct 18 '22 11:10 schnatterer

Awesome news @schnatterer !

I will try your dashboard and take a look for alerting for new CVE ASAP

LucasVanHaaren avatar Oct 19 '22 19:10 LucasVanHaaren

It would be super cool if it would be implemented as a mixin so users can customize it easily and add the library to their existing workflows.

pschulten avatar Oct 20 '22 13:10 pschulten

Hello fellaz, I managed to find this one here https://grafana.com/grafana/dashboards/16337-trivy-starboard-operator-vulnerabilities/ .. Is that probably a compatible / comprehensive dashboard with the latest version of the Trivy Operator?

Unfortunately I didn't try it out just yet.

sherifkayad avatar Nov 25 '22 15:11 sherifkayad

Dashboard available here.

chen-keinan avatar Oct 05 '23 06:10 chen-keinan

Dashboard available here.

@chen-keinan Did you mean to attach a link? "here" is just normal text.

mikaello avatar Oct 05 '23 06:10 mikaello

Dashboard available here.

@chen-keinan Did you mean to attach a link? "here" is just normal text. thanks for catch up , link is updated

chen-keinan avatar Oct 05 '23 06:10 chen-keinan