The Kubernetes system allows you to continually monitor the resources of a Kubernetes cluster and enumerate all those resources that violate a particular policy.
Validating policy, any rule you put into
Monitor mode is run periodically against all the resources on the cluster. Any resources that violate one of the monitoring rules is displayed in a Compliance report. Now, this compliance report is used to create a time series graph, so that you can see how the violations in your cluster are changing over time.
The Compliance report is located by clicking on
your system namein the left-hand navigation panel, and selecting the Compliance tab on the right-hand side.
The Compliance time-series graph is displayed by clicking on
your system namein the left-hand navigation panel, and selecting the Dashboard tab.
The capabilities of the search filter for the Compliance report are applicable only for the Kubernetes systems and stacks. Use Regex to filter the search in the Compliance report. If the filter is not valid Regex, then it will check if the literal string is present inside a violation.
To test the capabilities of the search filter in the Compliance report:
- Go to
- Navigate and click on your Kubernetes system or stack.
- Click the Compliance button to see the Compliance report.
- In the Compliance report, click the expand/collapse icon on a Violation to see more details about the violation.
- From the violation details, make sure to select, copy, and paste a string or use a valid Regex in the search filter to check if there are any matching violations. For example, make sure to select, copy, and paste
f:pod-template-hashin the search filter to filter out any violations that do not contain
The search filter for the compliance view is disabled when there are no violations.