for Linux
The application scans running containers and namespaces in real time. The application supports integration with the Docker container management system, the CRI-O environment, and the Podman and runc utilities.
Container Scan requires the File Threat Protection component to be enabled. File Threat Protection settings are applied when scanning containers and namespaces.
The application does not scan namespaces and containers if container and namespace management tools are not installed in the operating system.
Container Scan settings
|
Settings |
OS |
Description |
|---|---|---|
|
Action on threat detection |
|
Skip container. When an infected object is detected, the application does not perform any actions with the container. Stop container. When an infected object is detected, the application stops the container. Stop container if disinfection fails. If an infected object could not be disinfected, the application stops the container. |
|
Use Docker |
|
Using the Docker environment. To use the environment, enter a path or URI (universal resource ID) of the Docker socket. |
|
Use CRI-O |
|
Using the CRI-O environment. To use this environment, enter the path to the CRI-O configuration file. |
|
Use Podman |
|
Using the Podman utility. To use this utility, enter the path to the executable file of the utility and the path to the root directory of the container storage. |
|
Use runc |
|
Using the runc utility. To use this utility, enter the path to the executable file of the utility and the path to the root directory of the container state storage. |