Aqua Events
is an application that can receive all audit events from the Aqua Container Security Platform and forward those to Slack.
Aqua Events is compatible with Aqua Cloud Native Security Platform 5.3
- Accepts audit events via the Log Management webhook integration
- Message Types - Success, Detect, Block, Alert
- Formats the audit message to a Slack message attachment
- Allows for the filtering of message types
- Navigate to the Log Management Integration page
- Administration -> Integrations -> Log Management
- Select the Webhook integration
- Enable the service, paste the URL to your aqua-events container service and test connection
- If test is successful, save the integration, and you will start receiving audit events to Slack
docker pull bkmorrow/aqua-events-go:latest
docker run --rm --name aqua-events -p 8000:8000 --env SLACK_WEBHOOK=https://slackwebhook.url --env IGNORE_LIST=success,detect bkmorrow/aqua-events-go:latest
Modify the environment variables
- SLACK_WEBHOOK - This will be the URL to you receive from the Slack App
- IGNORE_LIST - This is a comma separated list of event categories to ignore (alert,success,detect,block)
kubectl apply -f kubernetes/aqua-events.yaml
This repository is available under the GNU Affero General Public License v3.0
Bryan Morrow (BryanKMorrow)
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.