Scan status

When scanning your cluster for misconfigurations and other problems with Kubescape you get a report. In the report you can see different control status:

  • Passed – Kubescape scanned all the relevant resources that the control examines and none of them failed.
  • Failed - Kubescape scanned all the relevant resources that the control examines and found at least 1 resource failed and it was not excluded.
  • Excluded - Kubescape scanned all the relevant resources that the control examines, and all the resources that failed this control are excluded.
  • Irrelevant - Kubescape tried to find resources in the cluster that are required in order to scan your configuration using the control and it did not find the required resource.

πŸ“˜

Example for irrelevant status

Scanning control C-0014 – access K8s dashboard. Since Kubescape does not find any K8s dashboard deployment nor service or service account, it concludes that you don’t have the K8s dashboard deployed and that this control is not relevant for you.

  • Skipped – Kubescape tried to scan using the control, but it failed to collect relevant resources. Possible reasons: no cloud integration and the control requires access to the managed API server or you did not run the scan with --enable-host-scan while the control requires worker node information like Kubelet settings. In order to understand why it failed, use Kubescape scan with --logger debug flag.

Did this page help you?