Container Runtime Sensor CLI Commands and Options
Qualys Container Runtime Sensor (CRS) offers various options to collect file and process events in your account, categorized under 'Global' and 'CRS Specific' parameters. These options are available with Qualys TotalCloud.
Global Parameters
Container Runtime Sensor, Cluster Sensor, and Admission Controller support the following parameters irrespective of their commands..
| Parameter | Mandatory/Optional | Description |
|---|---|---|
| global.customerId | Mandatory | Unique customer id associated with your account. |
| global.activationId | Mandatory | Unique activation id associated with your account. |
| global.gatewayUrl | Mandatory | Specify Qualys Platform (POD) gateway URL to communicate with Qualys Cloud platform. Specify this to use a POD which is not listed in: https://www.qualys.com/platform-identification/ |
| global.pod | Optional | Specify Qualys Platform (POD) for Qualys Cloud platform communication. For example, US1, US2, US3, US4, EU1, EU2, IN1, CA1, AE1, UK1, AU1, KSA1. If your platform is not mentioned here, please provide the gateway URL using ' global.gatewayUrl' |
| global.imagePullSecret | Optional | Specify to pull images from the private registry. |
| global.clusterInfoArgs.cloudProvider | Optional | Specify the name of the Cloud provider. Cloud Provider examples: AWS, GCP, AZURE, OCI, selfManagedK8S |
| global.clusterInfoArgs.AWS.arn | Mandatory | Required if the cloud provider is 'AWS'. Specify the ARN value. Example: arn:aws:eks:<region>:<accountid>:cluster/<clustername>. |
| global.clusterInfoArgs.SELF_ MANAGED_K8S.clusterName |
Mandatory | Use this to provide a cluster name. Mandatory if the Cloud Provider is 'SELF_MANAGED_K8S`. |
| global.clusterInfoArgs.AZURE.id | Mandatory | Mandatory if the cloud provider is 'AZURE'. Specify value of the id. Example: /subscriptions/<subscription_id>/resourcegroups/NK_test/providers/Microsoft.ContainerService/managedClusters/<cluster_name>
|
| global.clusterInfoArgs.AZURE.region | Mandatory | Provide the value of the region. Mandatory if the cloud provider is 'AZURE'. |
| global.clusterInfoArgs.GCP.krn | Mandatory | Provide value of the krn. Mandatory if the cloud provider is 'GCP'. Example: projects/<project_id>/locations/<region>/clusters/<cluster_name>
|
| global.clusterInfoArgs.OCI.ocid | Mandatory | Specify value of the ocid. Mandatory if the Cloud Provider is 'OCI' Example: ocid1.cluster.oc1.<REGION>.<TENANCY_OCID>.<CLUSTER_OCID> |
| global.clusterInfoArgs.OCI.clusterName | Mandatory | Use this provide cluster name. Mandatory if the Cloud Provider is 'OCI'. |
| global.clusterInfoArgs.SELF_MANAGED_K8S.clusterName | Mandatory | Use this to provide the cluster name. Mandatory if the Cloud Provider is 'SELF_MANAGED_K8S'. |
| global.rootCA.certificate | Optional | Provide custom certificate in base64 encoded format to connect with Qualys Cloud Platform |
| global.proxy.value | Optional | Specify Url of the proxy server. Example: FQDN or Ip address |
| global.proxy.certificate | Optional | Provide proxy certificate in base64 encoded format to connect with proxy server if required. |
| global.proxy.skipVerifyTLS | Optional | Use this to skip secure TLS verification. |
| global.openshift | Optional | Set to true, if deploying in OpenShift. Default value: false |
Container Runtime Sensor Specific Parameters
Here are the parameters specific to Container Runtime Sensor commands.
| Parameter | Mandatory/Optional | Description |
|---|---|---|
| runtimeSensor.image | Mandatory | Specify the name of the runtime sensor image in the private or dockerhub registry. Default value: qualys/runtime-sensor:latest |
| runtimeSensor.imagePullPolicy | Optional | Pull policy for runtime sensor image. Accepted values: IfNotPresent/Always/Never Default value: Always |
| runtimeSensor.persistentStorage.enabled | Optional | Flag to run CRS with or without persistent storage. Accepted values: true/false Default value: true |
| runtimeSensor.persistentStorage.hostPath | Optional | Path of the persistent storage Default value: /usr/local/qualys/runtime-sensor/data |
| runtimeSensor.logConfig.logLevel | Optional | Specify the log level. Valid values: debug, info, error, warn, fatal Default Value: info |
| runtimeSensor.logConfig.logFileSize | Optional | The file is rotated when its size exceeds. File size is in megabytes. Default value: 10 MB |
| runtimeSensor.logConfig.logPurgeCount | Optional | Maximum number of archived log files. Default value: 5 |
| runtimeSensor.resources.limits.cpu | Optional | Specify CPU limit of the runtime sensor container. Default value: 100m |
| runtimeSensor.resources.limits.memory | Optional | Specify memory limit of runtime sensor container. Default value: 1024Mi |
| runtimeSensor.resources.requests.cpu | Optional | Specify CPU request of runtime sensor container. Default value: 100m |
| runtimeSensor.resources.requests.memory | Optional | Specify memory request of the runtime sensor container. Default value: 250Mi |
| runtimeSensor.hostNetwork | Optional | Specify if the container needs to use the host's network namespace. Accepted values: true/false Default value: false |
| runtimeSensor.ignoreProcess | Optional | List of comma separated process paths whose events are to be ignored. Default value: None |