This section explains how to run compliance scans across your entire network.
See Manage compliance for an overview of compliance scans and the compliance dashboard.
When you run a compliance scan, the StackRox Kubernetes Security Platform takes a data snapshot of your environment. The data snapshot includes Alerts, Images, Network Policies, Deployments, and related host-based data. StackRox Central collects the host-based data from the Sensors running in your clusters. After that, Central collects more data from the compliance container running in each collector pod. The compliance container collects the following data about your environment:
- Configurations for Docker Daemon, Docker image, and Docker container.
- Information about Docker networks.
- Command-line arguments and processes for Docker and Kubernetes (OpenShift)
- Permissions of specific file paths.
- Configuration files for the core Kubernetes services.
After the data collection is complete, Central performs checks on the data to determine results. You can view the results from the Compliance dashboard and also generate compliance reports based on the results.
Running this scan checks the compliance state for your entire infrastructure across all compliance standards.
To scan your entire environment:
- Open the compliance dashboard by selecting Compliance from the menu.
- Click Scan environment.
Scanning the entire environment takes about 2 minutes to complete. This time may vary depending on the number of clusters and nodes in your environment.
We're happy to help! Reach out to us to discuss questions, issues, or feature requests.