Managing Sensors¶
Soveren Sensors are available in two variants:
-
Data-in-motion (DIM) sensor: Discovers services in your Kubernetes clusters and identifies sensitive data in data flows between them.
-
Data-at-rest (DAR) sensor: Monitors data sources such as S3 buckets, databases, and Kafka clusters, and uncovers sensitive data stored within.
Create¶
First you need to decide which type of Sensor do you need: a Data-in-motion (DIM) or Data-at-rest (DAR).
You can create DIM Sensors via the sensors page in the Soveren app.
You need to create separate Data-in-motion (DIM) Sensors for each Kubernetes cluster you want to monitor.
Each Sensor is characterized by its name
and token
. You can also specify the region
where your cluster is situated.
If you have multiple clusters, and thus multiple Sensors, Soveren will display them separately on the data map. The Sensor's name will define the name of the cluster on the data map.
You can create DAR Sensors via the sensors page in the Soveren app.
To monitor your data sources, such as S3 buckets, databases, and Kafka clusters, you will need at least one Data-at-rest (DAR) Sensor. While not mandatory, we recommend deploying separate sensors for different types of data sources to optimize monitoring efficiency.
Each Sensor is characterized by its name
and token
.
Name¶
For DIM sensors, the names influence how different Kubernetes clusters are displayed on the data map. For DAR sensors, the naming is primarily for management purposes and serves as an informative label.
You can automate the naming of your Soveren Sensors in your configuration files.
Token¶
The token
allows the Soveren app to identify the Sensor during communication.
We recommend adding the token
to your own configuration file, such as values.yaml
, to simplify operational procedures.
Use unique tokens for different deployments
If you're managing multiple Soveren deployments, please create unique tokens for each one. Using the same token across different deployments can result in data being mixed and lead to interpretation errors that are difficult to track.
Deploy¶
We utilize Helm for deployment. The installation procedure is as follows:
We recommend that instead of adding <TOKEN>
to the command line, you incorporate the token
into your own configuration file, such as values.yaml
. Then, use the following commands instead of the ones above:
Update¶
Updating the Sensor to the latest version is straightforward:
You can check the latest version information in our Helm chart.
Scale down or remove¶
To completely uninstall the Sensor, use the following command:
If you wish to address performance issues with any individual component, you can temporarily scale it down using the following command:
<DEPLOYMENT_NAME>
depends on the release name that you've used and should contain one of the following:
-
kafka
-
digger
-
crawler
-
detectionTool
-
prometheusAgent
To scale it back up, use:
Scaling down interceptors does not offer any practical benefits. It is more effective to completely remove the Sensor and then bring it back up using the standard update or deploy command.