Working with the KSPM dashboard
Note
This feature is at the Preview stage.
To work with the dashboard, you need the security-deck.viewer role or higher for the folder containing the KSPM module resources.
- Go to Yandex Security Deck.
- In the left-hand panel, select KSPM.
- At the top of the window, click More and select the workspace.
- On the Clusters tab, make sure all the clusters are connected to KSPM and are in the active control status.
- Review the Dashboard tab. It has the following sections:
-
Top controls with warnings: Contains the most frequently violated rules within the control scope and gives the number of violations.
-
Section with overall statistics for the scope of control: Gives the number of clusters with KSPM connection errors, numbers of clusters with security warnings, number of Tops clusters with warnings, and number of violations.
-
A list of alerts stating threat type, status, and last update time.
For each security rule violation, an alert is created with a detailed description of the violation, severity, detection time, list of affected resources and troubleshooting recommendations.
You can manage troubleshooting for each specific alert:
- Assign persons responsible for troubleshooting.
- Manage the alert status.
- Leave comments.
- Keep track of troubleshooting progress.
- Request analysis from the AI assistant.
-