The Service Map for APM is here!

Aqua

Agent Check Agent Check

Supported OS: Linux Mac OS Windows

Overview

This check monitors Aqua.

The Aqua check will alert the user if total high-severity vulnerability is reached, or if a container is running inside a host not registered by Aqua. Aqua will also send data alerts regarding blocked events in runtime, and it is possible to trigger a webhook to scale infrastructure if more Aqua scanners are required.

Setup

The Aqua check is not included in the Datadog Agent package, so you will need to install it yourself.

Installation

To install the Aqua check on your host:

  1. Download the Datadog Agent.
  2. Download the aqua.py file for Aqua.
  3. Place it in the Agent’s checks.d directory.

Configuration

To configure the Aqua check:

  1. Create a aqua.d/ folder in the conf.d/ folder at the root of your Agent’s directory.
  2. Create a conf.yaml file in the aqua.d/ folder previously created.
  3. Consult the sample conf.yaml file and copy its content in the conf.yaml file.
  4. Edit the conf.yaml file with your Aqua API credentials.
  5. Restart the Agent.

Validation

Run the Agent’s status subcommand and look for aqua under the Checks section.

Data Collected

Metrics

aqua.images
(gauge)
The number of images seen by Aqua
shown as unit
aqua.vulnerabilities
(gauge)
The number and categories of vulnerabilities detected by Aqua
shown as occurrence
aqua.running_containers
(gauge)
The number of running containers seen by Aqua
shown as container
aqua.audit.access
(gauge)
The number of audit events per category
shown as event
aqua.scan_queue
(gauge)
The number of scan queues per type
shown as occurrence
aqua.enforcers
(gauge)
The number of host enforcers per status
shown as host

Service Checks

aqua.can_connect:

Returns CRITICAL if the Agent cannot connect to Aqua to collect metrics. Returns OK otherwise.

Events

Aqua does not include any events.

Troubleshooting

Need help? Contact Datadog support.


Mistake in the docs? Feel free to contribute!