Update vulnerability scanning docs

This commit is contained in:
Alexandru Macocian
2026-06-22 15:12:21 +02:00
parent d4bf02c42c
commit 28eca1e6a1
+7 -6
View File
@@ -24,15 +24,16 @@ flowchart LR
| Schedule | Daily sweeps. |
| Metrics | Prometheus textfiles under `/var/lib/charlie/trivy/metrics`. |
| Shipping | node-exporter textfile collector -> otelcollector -> VictoriaMetrics. |
| Dashboard | Grafana `Container CVEs`. |
| Dashboard | Grafana `Container CVEs`, `Container CVE List`. |
## Metrics
| Metric | Meaning |
| ------------------------------------ | ----------------------------------------------- |
| `trivy_image_vulnerabilities` | Vulnerability counts by image/severity/scanner. |
| `trivy_image_scan_timestamp_seconds` | Last scan timestamp. |
| `trivy_image_scan_errors_total` | Scan error state. |
| Metric | Meaning |
| ------------------------------------ | ---------------------------------------------------- |
| `trivy_image_vulnerabilities` | Distinct-CVE counts by image/severity/scanner. |
| `trivy_image_vulnerability_info` | Per-CVE detail (stack, image, advisory URL, title). |
| `trivy_image_scan_timestamp_seconds` | Last scan timestamp. |
| `trivy_image_scan_errors_total` | Scan error state. |
## Access