The StackRox Kubernetes Security Platform version 3.0.39 and newer includes online telemetry; that is, it optionally gathers data about the StackRox Kubernetes Security Platform and its components.
The online telemetry data includes various operational and usage metrics, as well as information about the size, shape, and possible adverse conditions of the environments the StackRox Kubernetes Security Platform components are running in. We don’t collect node names, IP addresses, or other identifiable information about your infrastructure. See the Collected data section for detailed information about the data we collect.
The data we collect by using online telemetry helps us to analyze anomalies, fix problems, and improve the quality of future StackRox Kubernetes Security Platform versions based on real-world usage. The StackRox Kubernetes Security Platform transmits online telemetry data over a TLS-encrypted connection with negligible performance and network traffic impact.
- If you control egress traffic from your Central deployment, you must allow
outgoing connections to
telemetry.stackrox.ioon TCP port number 443.
- If you are using the StackRox Kubernetes Security Platform in offline mode, online telemetry doesn’t send any data. However, we recommend you to generate and send us a diagnostic bundle when you contact StackRox support.
The StackRox Kubernetes Security Platform sends the following data once every 24 hours:
- Storage information: Details about the database size and the amount of free space available in attached volumes.
- StackRox components health information: Details about the StackRox Kubernetes Security Platform components version, their memory usage, and any reported errors.
- Coarse-grained usage statistics: Details about API endpoint invocation counts and reported error statuses. It doesn’t include the actual data sent in API requests.
- Nodes information: Details about the nodes in each secured cluster. It includes kernel and operating system versions, resource pressure, and taints.
- Environment information: Details about each secured cluster, including Kubernetes or OpenShift version, Istio version (if applicable), cloud provider type and other similar information.
To inspect the online telemetry data we gather:
- Generate a diagnostic bundle.
- The diagnostic data (compressed zip file) includes a
- Inspect the contents of the file
The online telemetry data only includes data that’s in the file
telemetry.json and not the contents of the whole diagnostic bundle.
The collection frequency is once every 24 hours. However, if we notice any performance-related events (such as rapidly increasing error counts or new errors), we may increase this frequency up to once every hour. Once we gather sufficient information to resolve the issues, the frequency changes back to once every 24 hours.
Online telemetry is enabled by default when you install the StackRox Kubernetes Security Platform version 3.0.39 or newer. However, if you upgrade from an earlier version it remains disabled and you must manually enable it.
We gather online telemetry data to provide you with an up-to-date, more secure, and better-performing product. Therefore, to help us improve the StackRox Kubernetes Security Platform, we recommend leaving online telemetry enabled.
When you install the StackRox Kubernetes Security Platform,
--enable-telemetry=false option to disable online telemetry.
roxctl central generate interactive --enable-telemetry=false
To enable or disable online telemetry from an existing deployment of the StackRox Kubernetes Security Platform:
- On the StackRox portal, navigate to Platform Configuration > System Configuration.
- In the System Configuration view,
- turn on the Online Telemetry Data Collection toggle to enable online telemetry, or
- turn off the Online Telemetry Data Collection toggle to disable online telemetry.
We're happy to help! Reach out to us to discuss questions, issues, or feature requests.