UNCLASSIFIED

Skip to content

GitLab

Commit 3bf0c0a2 authored by thomas.burton's avatar thomas.burton
Browse files

Merge branch 'twistlock-syslog-docs' into 'master' 

Added docs for syslog

See merge request platform-one/apps/twistlock!3
parents e3ed232d 7b7371e6
Hide whitespace changes
Inline Side-by-side
Showing with 42 additions and 2 deletions
README.md
View file @ 3bf0c0a2
...@@ -40,7 +40,7 @@ kubectl -k ./ ...@@ -40,7 +40,7 @@ kubectl -k ./
### Next steps ### Next steps
The application needs a administrator, the license file needs to be installed, then a defender.yaml needs to be generated and deployed. This has been consolidated in a script called build_defender. The application needs a administrator, the license file needs to be installed, then a defender.yaml needs to be generated and deployed, then logging needs to be enabled. This has been consolidated in a script called twistlock_setup.sh.
The Variables required are as follows: The Variables required are as follows:
``` ```
...@@ -142,5 +142,26 @@ Run Defenders as privileged - On ...@@ -142,5 +142,26 @@ Run Defenders as privileged - On
Nodes use Container Runtime Interface (CRI), not Docker - On Nodes use Container Runtime Interface (CRI), not Docker - On
Nodes runs inside containerized environment - Off Nodes runs inside containerized environment - Off
#### Set up Logging
Run this code while setting the correct variables:
```
if ! curl -k \
-u $TWISTLOCK_CONSOLE_USER:$TWISTLOCK_CONSOLE_PASSWORD \
-H 'Content-Type: application/json' \
-X POST \
-d \
'{
"stdout": {
"enabled": true,
"verboseScan": true,
"allProcEvents": true,
}
}' \
https://$TWISTLOCK_EXTERNAL_ROUTE/api/v1/settings/logging; then
echo "Error editing syslog settings on console"
exit 1
fi
```
defender/build_defender.sh twistlock_setup/twistlock_setup.sh
View file @ 3bf0c0a2
...@@ -40,4 +40,23 @@ chmod +x ./twistcli ...@@ -40,4 +40,23 @@ chmod +x ./twistcli
./twistcli defender export kubernetes --namespace twistlock --privileged --cri --monitor-service-accounts --monitor-istio --user $TWISTLOCK_CONSOLE_USER --password $TWISTLOCK_CONSOLE_PASSWORD --address https://$TWISTLOCK_EXTERNAL_ROUTE --cluster-address twistlock-console:8084 ./twistcli defender export kubernetes --namespace twistlock --privileged --cri --monitor-service-accounts --monitor-istio --user $TWISTLOCK_CONSOLE_USER --password $TWISTLOCK_CONSOLE_PASSWORD --address https://$TWISTLOCK_EXTERNAL_ROUTE --cluster-address twistlock-console:8084
# kubectl apply -f ./defender # kubectl apply -f ./defender
\ No newline at end of file #setup logging to stdout
if ! curl -k \
-u $TWISTLOCK_CONSOLE_USER:$TWISTLOCK_CONSOLE_PASSWORD \
-H 'Content-Type: application/json' \
-X POST \
-d \
'{
"stdout": {
"enabled": true,
"verboseScan": true,
"allProcEvents": true,
}
}' \
https://$TWISTLOCK_EXTERNAL_ROUTE/api/v1/settings/logging; then
echo "Error editing syslog settings on console"
exit 1
fi
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

UNCLASSIFIED