Insights

What is Lens AppIQ Insights?

Lens AppIQ Insights is designed to report on compliance/conformance against Lens AppIQ Policies and provide engineering efficiency metrics. Lens AppIQ Insights can help bolster security posture and help prioritize where there are engineering bottlenecks in regard to Kubernetes workloads. Lens AppIQ Insights will work on workloads deployed through Lens AppIQ and workloads that are auto-discovered by Lens AppIQ.

Getting Started with Lens AppIQ Insights

Lens AppIQ Insights is automatic and starts reporting on violations against the policies attached to a cluster's namespace. Applications can be deployed through Lens AppIQ or using another mechanism (Helm, kubectl etc.). To look at your current violations, click on the Insights Module in the left-hand navigation. Then click on an Application to view the violations.

Looking at the Lens AppIQ policy attached to the namespace of workload that has been deployed or discovered will give you an idea of the policies being checked for.

In the above Framework, if an item is not respecting the Resource Consumption limits, this will show up as a policy violation.

📘

Modifying a Policy Updates Violations

When a Lens AppIQ policy is modified, it immediately takes effect in all the clusters and namespaces that its attached to and if there are violations, it will be reflect in the insights.

Eventing Policy Violations

Lens AppIQ has the ability to send events to external systems using Webhooks. Here is an example of sending multiple policy violations to Slack via Webhook. Can learn more about Webhooks in the docs.

lapps event webhook create policy-violation https://hooks.slack.com/services/XXXX/XXX/XXxxXXxx -d "Policy Violations" -t shipa-team -m POST -b '{"text": "*Policy Violation Alert.*\n*Event Type:* {{.Kind.Name}}\n*Policy Violated:* {{.Target.Value}}"}' --kind-name framework.create --kind-name policy.resource-limits.violation --kind-name policy.pod-auto-scaler.violation --kind-name policy.container.violation