Get Secure Event

Get a secure event by given ID.

Parameters

Parameter	Description
Event ID	The ID of the event.

Example Output

{
  {
    "actions":[
      { ... }
    ],
    "category": "runtime",
    "content":{
    "type": "workloadRuntimeDetection",
    "clusterName": "prod5",
    "namespace": "hub",
    "resourceKind": "Job",
    "resourceName": "sfdc-bulk-updates-12345678",
    "scanResult": { ... },
    "zones": [ ... ]
  },
  "cursor": "LTltNGUybXIwdWkzZThhMjE1bjRn",
  "description": "Identify a container being created with privileged=true\n",
  "id": "15cbf54e34df95404caad1c988cf7c42",
  "labels":
  {
    "baz": "qux",
    "foo": "bar"
  },
  "name": "Launch Privileged Container",
  "originator": "policy",
  "severity": 4,
  "source": "k8s_audit",
  "timestamp": 1617220000000000000
}

Workflow Library Example

Get Secure Event with Sysdig and Send Results Via Email

Preview this Workflow on desktop