Skip to content

Automating vulnerability monitoring with Snyk, Prometheus and Grafana

License

Notifications You must be signed in to change notification settings

lmaeda/snyk_api_dashboard

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
 
 
 
 
 
 
 
 

Repository files navigation

snyk_api_dashboard

Automating vulnerability monitoring with Snyk, Prometheus and Grafana

Reference

Snyk Blog on Snyk_Exporter

https://snyk.io/blog/vulnerability-monitoring-with-snyk-prometheus-and-grafana/

The YouTube between the Lunar team, who developed the Snyk_Exporter, and Snyk

https://www.youtube.com/watch?v=zJsxAx7MKKk

Preparation

Get the files of the project, and set environment variables below

  1. SNYK_TOKEN - set Snyk Group level API TOKEN, either of service account or a PAT
  2. SNYK_ORG_1 - set Snyk Org ID of one org
  3. SNYK_ORG_2 - set Snyk Org ID of other org

Three environment variables above would be reflected in app/docker-compose.yml, lines 17 to 19.

  • More Snyk Org's may be added to include projects from more Snyk Org's displayed in the dashboard.

Screenshot 2022-11-22 at 22 02 08

Test run the snyk_exporter x grafana x prometheus dashboard

  1. start DockerDesktop, and wait for DockerDesktop to get started

  2. From the directory, app, run the command, docker-compose up -d

  3. Use a web browser to access URLs below:

    3.1. Grafana - http://localhost:3000/

     3.1.1. Default UserId/Password : `admin/admin`
    

    3.2. Prometheus - http://localhost:9090/targets?search=

     3.2.1. Confirm both targets of prometheus is OK in status
    

Screenshot 2022-11-22 at 22 17 55

4. Wait a few minutes for `snyk_exporter` to scrape issues of projects imported into Snyk, using Snyk API

Run the command, curl http://localhost:9532/metrics

4.1. Response of the CURL without Snyk API response on issues Screenshot 2022-11-22 at 22 22 20

4.2. Reponse of the CURL with Snyk API response on issues Screenshot 2022-11-22 at 22 22 50 5. Access Grafana dashboard after you see issues of projects from Snyk API in response of CURL Screenshot 2022-11-22 at 22 25 50

  1. To stop the POC dashboard, enter the command, docker-compose down -v
  • Reminder: Grafana dashboard is in read-only mode. Grafana config files would need to be adjusted to create/adjust the dashboard.

About

Automating vulnerability monitoring with Snyk, Prometheus and Grafana

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published