Security-related metrics collector and exporter.
git clone [email protected]:bookingcom/cloudsec-metrics.git
cd cloudsec-metrics
# build a docker image with the application
docker-compose build metrics
docker-compose run metrics --help| Command line | Environment | Default | Description |
|---|---|---|---|
| prisma_api_url | PRISMA_API_URL | https://api.eu.prismacloud.io | Prisma API key |
| prisma_api_key | PRISMA_API_KEY | Prisma API key | |
| prisma_api_password | PRISMA_API_PASSWORD | Prisma API password | |
| scc_org_id | SCC_ORG_ID | Google SCC numeric organisation ID | |
| scc_sources_regex | SCC_SOURCES_REGEX | . |
Google SCC sources Display Name filter regexp |
| graphite_host | GRAPHITE_HOST | Graphite hostname | |
| graphite_port | GRAPHITE_PORT | 2003 |
Graphite port |
| graphite_prefix | GRAPHITE_PREFIX | Global Graphite metrics prefix, applied to everything | |
| compliance_prefix | COMPLIANCE_PREFIX | compliance. |
Graphite compliance metrics prefix |
| dbg | DEBUG | false |
debug mode |
Collected metrics list:
- Palo Alto Networks Prisma:
- assets compliance information per security standard
- API health status (SLA)
- Google Security Command Center:
- health status
- newest event update time per source (for monitoring Forseti alerting delay).
In order to collect this data, you need to specify
scc_org_idand have proper credentials set up.
Supported exporters list:
This software was originally developed at Booking.com. With approval from Booking.com, this software was released as Open Source, for which the authors would like to express their gratitude.