Configuring container monitoring in the Web Console

In the Web Console, you can manage the operation of the Container Monitoring component in the policy properties (Application settingsGeneral settingsContainer Scan settings).

Container monitoring settings

Setting

Description

Namespace and container scan enabled / disabled

This toggle switch enables or disables the scanning of namespaces and containers in real time.

The check toggle button is switched on by default.

Action with container upon threat detection

You can select the action that the application performs on a container when it detects an infected object:

  • Skip container: if an infected object is detected, the application does not perform any action on the container.
  • Stop container: if an infected object is detected, the application stops the container.
  • Stop container if disinfection fails (default value) – the application stops the container if disinfection of the infected object fails.

This setting is available when using the application under a license that supports this function.

Use Docker

This check box enables or disables the use of the Docker environment.

The check box is selected by default.

Docker socket path

Entry field for the path or URI (Uniform Resource Identifier) of the Docker socket.

Default value: /var/run/docker.sock.

Use CRI-O

The check box enables or disables the use of the CRI-O environment.

The check box is selected by default.

File path

Entry field for the path to CRI-O configuration file.

Default value: /etc/crio/crio.conf.

Use Podman

The check box enables or disables the use of the Podman utility.

The check box is selected by default.

File path

Entry field for the path to the Podman utility executable file.

Default value: /usr/bin/podman.

Root directory

Entry field for the path to the root directory of the container storage.

Default value: /var/lib/containers/storage.

Use runc

The check box enables or disables the use of the runc utility.

The check box is selected by default.

File path

Entry field for the path to the runc utility executable file.

Default value: /usr/bin/runc.

Root directory

Entry field for the path to the root directory of the container state storage.

Default value: /run/runc.

Page top