Creating Security Dashboards

Creating Security Dashboards

Build dashboards to visualize cluster security status:

# Prometheus rules for security metrics
apiVersion: v1
kind: ConfigMap
metadata:
  name: security-metrics
  namespace: monitoring
data:
  security-rules.yaml: |
    groups:
    - name: kubernetes_security
      interval: 5m
      rules:
      - record: cluster:vulnerability:critical
        expr: |
          sum(
            trivy_vulnerability_count{severity="CRITICAL"}
          ) by (namespace)
      
      - record: cluster:compliance:score
        expr: |
          (sum(configaudit_check_passed) / 
           sum(configaudit_check_total)) * 100
      
      - alert: HighVulnerabilityCount
        expr: cluster:vulnerability:critical > 10
        for: 5m
        labels:
          severity: critical
        annotations:
          summary: "High number of critical vulnerabilities"
          description: "{{ $labels.namespace }} has {{ $value }} critical vulnerabilities"