Viewing docs for sysdig 3.5.0
published on Friday, Mar 6, 2026 by sysdiglabs
published on Friday, Mar 6, 2026 by sysdiglabs
Viewing docs for sysdig 3.5.0
published on Friday, Mar 6, 2026 by sysdiglabs
published on Friday, Mar 6, 2026 by sysdiglabs
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as sysdig from "@pulumi/sysdig";
const example = sysdig.getSecureMalwarePolicy({
name: "Sysdig Runtime Threat Detection",
});
import pulumi
import pulumi_sysdig as sysdig
example = sysdig.get_secure_malware_policy(name="Sysdig Runtime Threat Detection")
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/sysdig/v3/sysdig"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := sysdig.LookupSecureMalwarePolicy(ctx, &sysdig.LookupSecureMalwarePolicyArgs{
Name: "Sysdig Runtime Threat Detection",
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Sysdig = Pulumi.Sysdig;
return await Deployment.RunAsync(() =>
{
var example = Sysdig.GetSecureMalwarePolicy.Invoke(new()
{
Name = "Sysdig Runtime Threat Detection",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.sysdig.SysdigFunctions;
import com.pulumi.sysdig.inputs.GetSecureMalwarePolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var example = SysdigFunctions.getSecureMalwarePolicy(GetSecureMalwarePolicyArgs.builder()
.name("Sysdig Runtime Threat Detection")
.build());
}
}
variables:
example:
fn::invoke:
function: sysdig:getSecureMalwarePolicy
arguments:
name: Sysdig Runtime Threat Detection
Using getSecureMalwarePolicy
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getSecureMalwarePolicy(args: GetSecureMalwarePolicyArgs, opts?: InvokeOptions): Promise<GetSecureMalwarePolicyResult>
function getSecureMalwarePolicyOutput(args: GetSecureMalwarePolicyOutputArgs, opts?: InvokeOptions): Output<GetSecureMalwarePolicyResult>def get_secure_malware_policy(id: Optional[str] = None,
name: Optional[str] = None,
timeouts: Optional[GetSecureMalwarePolicyTimeouts] = None,
opts: Optional[InvokeOptions] = None) -> GetSecureMalwarePolicyResult
def get_secure_malware_policy_output(id: Optional[pulumi.Input[str]] = None,
name: Optional[pulumi.Input[str]] = None,
timeouts: Optional[pulumi.Input[GetSecureMalwarePolicyTimeoutsArgs]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetSecureMalwarePolicyResult]func LookupSecureMalwarePolicy(ctx *Context, args *LookupSecureMalwarePolicyArgs, opts ...InvokeOption) (*LookupSecureMalwarePolicyResult, error)
func LookupSecureMalwarePolicyOutput(ctx *Context, args *LookupSecureMalwarePolicyOutputArgs, opts ...InvokeOption) LookupSecureMalwarePolicyResultOutput> Note: This function is named LookupSecureMalwarePolicy in the Go SDK.
public static class GetSecureMalwarePolicy
{
public static Task<GetSecureMalwarePolicyResult> InvokeAsync(GetSecureMalwarePolicyArgs args, InvokeOptions? opts = null)
public static Output<GetSecureMalwarePolicyResult> Invoke(GetSecureMalwarePolicyInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetSecureMalwarePolicyResult> getSecureMalwarePolicy(GetSecureMalwarePolicyArgs args, InvokeOptions options)
public static Output<GetSecureMalwarePolicyResult> getSecureMalwarePolicy(GetSecureMalwarePolicyArgs args, InvokeOptions options)
fn::invoke:
function: sysdig:index/getSecureMalwarePolicy:getSecureMalwarePolicy
arguments:
# arguments dictionaryThe following arguments are supported:
- Name string
- The name of the Secure managed policy.
- Id string
- The id for the policy.
- Timeouts
Get
Secure Malware Policy Timeouts
- Name string
- The name of the Secure managed policy.
- Id string
- The id for the policy.
- Timeouts
Get
Secure Malware Policy Timeouts
- name String
- The name of the Secure managed policy.
- id String
- The id for the policy.
- timeouts
Get
Secure Malware Policy Timeouts
- name string
- The name of the Secure managed policy.
- id string
- The id for the policy.
- timeouts
Get
Secure Malware Policy Timeouts
- name str
- The name of the Secure managed policy.
- id str
- The id for the policy.
- timeouts
Get
Secure Malware Policy Timeouts
- name String
- The name of the Secure managed policy.
- id String
- The id for the policy.
- timeouts Property Map
getSecureMalwarePolicy Result
The following output properties are available:
- Actions
List<Get
Secure Malware Policy Action> - Description string
- (Required) The description of the malware rule.
- Enabled bool
- Whether the policy is enabled or not.
- Id string
- The id for the policy.
- Name string
- (Required) The name of the capture file
- Notification
Channels List<double> - IDs of the notification channels to send alerts to when the policy is fired.
- Rules
List<Get
Secure Malware Policy Rule> - Runbook string
- Customer provided url that provides a runbook for a given policy.
- Scope string
- The application scope for the policy.
- Severity double
- The severity of Secure policy. The accepted values are: 0, 1, 2, 3 (High), 4, 5 (Medium), 6 (Low) and 7 (Info).
- Type string
- Version double
- Timeouts
Get
Secure Malware Policy Timeouts
- Actions
[]Get
Secure Malware Policy Action - Description string
- (Required) The description of the malware rule.
- Enabled bool
- Whether the policy is enabled or not.
- Id string
- The id for the policy.
- Name string
- (Required) The name of the capture file
- Notification
Channels []float64 - IDs of the notification channels to send alerts to when the policy is fired.
- Rules
[]Get
Secure Malware Policy Rule - Runbook string
- Customer provided url that provides a runbook for a given policy.
- Scope string
- The application scope for the policy.
- Severity float64
- The severity of Secure policy. The accepted values are: 0, 1, 2, 3 (High), 4, 5 (Medium), 6 (Low) and 7 (Info).
- Type string
- Version float64
- Timeouts
Get
Secure Malware Policy Timeouts
- actions
List<Get
Secure Malware Policy Action> - description String
- (Required) The description of the malware rule.
- enabled Boolean
- Whether the policy is enabled or not.
- id String
- The id for the policy.
- name String
- (Required) The name of the capture file
- notification
Channels List<Double> - IDs of the notification channels to send alerts to when the policy is fired.
- rules
List<Get
Secure Malware Policy Rule> - runbook String
- Customer provided url that provides a runbook for a given policy.
- scope String
- The application scope for the policy.
- severity Double
- The severity of Secure policy. The accepted values are: 0, 1, 2, 3 (High), 4, 5 (Medium), 6 (Low) and 7 (Info).
- type String
- version Double
- timeouts
Get
Secure Malware Policy Timeouts
- actions
Get
Secure Malware Policy Action[] - description string
- (Required) The description of the malware rule.
- enabled boolean
- Whether the policy is enabled or not.
- id string
- The id for the policy.
- name string
- (Required) The name of the capture file
- notification
Channels number[] - IDs of the notification channels to send alerts to when the policy is fired.
- rules
Get
Secure Malware Policy Rule[] - runbook string
- Customer provided url that provides a runbook for a given policy.
- scope string
- The application scope for the policy.
- severity number
- The severity of Secure policy. The accepted values are: 0, 1, 2, 3 (High), 4, 5 (Medium), 6 (Low) and 7 (Info).
- type string
- version number
- timeouts
Get
Secure Malware Policy Timeouts
- actions
Sequence[Get
Secure Malware Policy Action] - description str
- (Required) The description of the malware rule.
- enabled bool
- Whether the policy is enabled or not.
- id str
- The id for the policy.
- name str
- (Required) The name of the capture file
- notification_
channels Sequence[float] - IDs of the notification channels to send alerts to when the policy is fired.
- rules
Sequence[Get
Secure Malware Policy Rule] - runbook str
- Customer provided url that provides a runbook for a given policy.
- scope str
- The application scope for the policy.
- severity float
- The severity of Secure policy. The accepted values are: 0, 1, 2, 3 (High), 4, 5 (Medium), 6 (Low) and 7 (Info).
- type str
- version float
- timeouts
Get
Secure Malware Policy Timeouts
- actions List<Property Map>
- description String
- (Required) The description of the malware rule.
- enabled Boolean
- Whether the policy is enabled or not.
- id String
- The id for the policy.
- name String
- (Required) The name of the capture file
- notification
Channels List<Number> - IDs of the notification channels to send alerts to when the policy is fired.
- rules List<Property Map>
- runbook String
- Customer provided url that provides a runbook for a given policy.
- scope String
- The application scope for the policy.
- severity Number
- The severity of Secure policy. The accepted values are: 0, 1, 2, 3 (High), 4, 5 (Medium), 6 (Low) and 7 (Info).
- type String
- version Number
- timeouts Property Map
Supporting Types
GetSecureMalwarePolicyAction
- Captures
List<Get
Secure Malware Policy Action Capture> - (Optional) Captures with Sysdig the stream of system calls:
- Container string
- (Optional) The action applied to container when this Policy is triggered. Can be stop, pause or kill. If this is not specified, no action will be applied at the container level.
- Prevent
Malware bool - (Optional) Prevent the execution of detected malware and binaries with known hashes.
- Captures
[]Get
Secure Malware Policy Action Capture - (Optional) Captures with Sysdig the stream of system calls:
- Container string
- (Optional) The action applied to container when this Policy is triggered. Can be stop, pause or kill. If this is not specified, no action will be applied at the container level.
- Prevent
Malware bool - (Optional) Prevent the execution of detected malware and binaries with known hashes.
- captures
List<Get
Secure Malware Policy Action Capture> - (Optional) Captures with Sysdig the stream of system calls:
- container String
- (Optional) The action applied to container when this Policy is triggered. Can be stop, pause or kill. If this is not specified, no action will be applied at the container level.
- prevent
Malware Boolean - (Optional) Prevent the execution of detected malware and binaries with known hashes.
- captures
Get
Secure Malware Policy Action Capture[] - (Optional) Captures with Sysdig the stream of system calls:
- container string
- (Optional) The action applied to container when this Policy is triggered. Can be stop, pause or kill. If this is not specified, no action will be applied at the container level.
- prevent
Malware boolean - (Optional) Prevent the execution of detected malware and binaries with known hashes.
- captures
Sequence[Get
Secure Malware Policy Action Capture] - (Optional) Captures with Sysdig the stream of system calls:
- container str
- (Optional) The action applied to container when this Policy is triggered. Can be stop, pause or kill. If this is not specified, no action will be applied at the container level.
- prevent_
malware bool - (Optional) Prevent the execution of detected malware and binaries with known hashes.
- captures List<Property Map>
- (Optional) Captures with Sysdig the stream of system calls:
- container String
- (Optional) The action applied to container when this Policy is triggered. Can be stop, pause or kill. If this is not specified, no action will be applied at the container level.
- prevent
Malware Boolean - (Optional) Prevent the execution of detected malware and binaries with known hashes.
GetSecureMalwarePolicyActionCapture
- Bucket
Name string - (Optional) Custom bucket to store capture in, bucket should be onboarded in Integrations > S3 Capture Storage. Default is to use Sysdig Secure Storage
- Filter string
- (Optional) Additional filter to apply to the capture. For example:
proc.name=cat - Folder string
- (Optional) Name of folder to store capture inside the bucket. By default we will store the capture file at the root of the bucket
- Name string
- The name of the Secure managed policy.
- Seconds
After doubleEvent - (Required) Captures the system calls for the amount of seconds after the policy was triggered.
- Seconds
Before doubleEvent - (Required) Captures the system calls during the amount of seconds before the policy was triggered.
- Bucket
Name string - (Optional) Custom bucket to store capture in, bucket should be onboarded in Integrations > S3 Capture Storage. Default is to use Sysdig Secure Storage
- Filter string
- (Optional) Additional filter to apply to the capture. For example:
proc.name=cat - Folder string
- (Optional) Name of folder to store capture inside the bucket. By default we will store the capture file at the root of the bucket
- Name string
- The name of the Secure managed policy.
- Seconds
After float64Event - (Required) Captures the system calls for the amount of seconds after the policy was triggered.
- Seconds
Before float64Event - (Required) Captures the system calls during the amount of seconds before the policy was triggered.
- bucket
Name String - (Optional) Custom bucket to store capture in, bucket should be onboarded in Integrations > S3 Capture Storage. Default is to use Sysdig Secure Storage
- filter String
- (Optional) Additional filter to apply to the capture. For example:
proc.name=cat - folder String
- (Optional) Name of folder to store capture inside the bucket. By default we will store the capture file at the root of the bucket
- name String
- The name of the Secure managed policy.
- seconds
After DoubleEvent - (Required) Captures the system calls for the amount of seconds after the policy was triggered.
- seconds
Before DoubleEvent - (Required) Captures the system calls during the amount of seconds before the policy was triggered.
- bucket
Name string - (Optional) Custom bucket to store capture in, bucket should be onboarded in Integrations > S3 Capture Storage. Default is to use Sysdig Secure Storage
- filter string
- (Optional) Additional filter to apply to the capture. For example:
proc.name=cat - folder string
- (Optional) Name of folder to store capture inside the bucket. By default we will store the capture file at the root of the bucket
- name string
- The name of the Secure managed policy.
- seconds
After numberEvent - (Required) Captures the system calls for the amount of seconds after the policy was triggered.
- seconds
Before numberEvent - (Required) Captures the system calls during the amount of seconds before the policy was triggered.
- bucket_
name str - (Optional) Custom bucket to store capture in, bucket should be onboarded in Integrations > S3 Capture Storage. Default is to use Sysdig Secure Storage
- filter str
- (Optional) Additional filter to apply to the capture. For example:
proc.name=cat - folder str
- (Optional) Name of folder to store capture inside the bucket. By default we will store the capture file at the root of the bucket
- name str
- The name of the Secure managed policy.
- seconds_
after_ floatevent - (Required) Captures the system calls for the amount of seconds after the policy was triggered.
- seconds_
before_ floatevent - (Required) Captures the system calls during the amount of seconds before the policy was triggered.
- bucket
Name String - (Optional) Custom bucket to store capture in, bucket should be onboarded in Integrations > S3 Capture Storage. Default is to use Sysdig Secure Storage
- filter String
- (Optional) Additional filter to apply to the capture. For example:
proc.name=cat - folder String
- (Optional) Name of folder to store capture inside the bucket. By default we will store the capture file at the root of the bucket
- name String
- The name of the Secure managed policy.
- seconds
After NumberEvent - (Required) Captures the system calls for the amount of seconds after the policy was triggered.
- seconds
Before NumberEvent - (Required) Captures the system calls during the amount of seconds before the policy was triggered.
GetSecureMalwarePolicyRule
- Additional
Hashes List<string> - (Optional) List of additional hashes that should be matched.
- Description string
- (Required) The description of the malware rule.
- Id double
- The id for the policy.
- Ignore
Hashes List<string> - (Optional) List of hashes that should be ignored.
- Ignore
Paths List<string> - (Optional) The list of file paths to be excluded from malware matching
- Name string
- The name of the Secure managed policy.
- List<string>
- Use
Managed boolHashes - (Optional) Should Sysdig's managed hashes be used? The possible values are
trueorfalse. - Use
Regex bool - (Optional) Should use regex for ignore_paths matching? The possible values are
trueorfalse. - Use
Yara boolRules - (Optional) Should use Sysdig's managed YARA rules to detect malware and malicious scripts? The possible values are
trueorfalse. - Version double
- Additional
Hashes []string - (Optional) List of additional hashes that should be matched.
- Description string
- (Required) The description of the malware rule.
- Id float64
- The id for the policy.
- Ignore
Hashes []string - (Optional) List of hashes that should be ignored.
- Ignore
Paths []string - (Optional) The list of file paths to be excluded from malware matching
- Name string
- The name of the Secure managed policy.
- []string
- Use
Managed boolHashes - (Optional) Should Sysdig's managed hashes be used? The possible values are
trueorfalse. - Use
Regex bool - (Optional) Should use regex for ignore_paths matching? The possible values are
trueorfalse. - Use
Yara boolRules - (Optional) Should use Sysdig's managed YARA rules to detect malware and malicious scripts? The possible values are
trueorfalse. - Version float64
- additional
Hashes List<String> - (Optional) List of additional hashes that should be matched.
- description String
- (Required) The description of the malware rule.
- id Double
- The id for the policy.
- ignore
Hashes List<String> - (Optional) List of hashes that should be ignored.
- ignore
Paths List<String> - (Optional) The list of file paths to be excluded from malware matching
- name String
- The name of the Secure managed policy.
- List<String>
- use
Managed BooleanHashes - (Optional) Should Sysdig's managed hashes be used? The possible values are
trueorfalse. - use
Regex Boolean - (Optional) Should use regex for ignore_paths matching? The possible values are
trueorfalse. - use
Yara BooleanRules - (Optional) Should use Sysdig's managed YARA rules to detect malware and malicious scripts? The possible values are
trueorfalse. - version Double
- additional
Hashes string[] - (Optional) List of additional hashes that should be matched.
- description string
- (Required) The description of the malware rule.
- id number
- The id for the policy.
- ignore
Hashes string[] - (Optional) List of hashes that should be ignored.
- ignore
Paths string[] - (Optional) The list of file paths to be excluded from malware matching
- name string
- The name of the Secure managed policy.
- string[]
- use
Managed booleanHashes - (Optional) Should Sysdig's managed hashes be used? The possible values are
trueorfalse. - use
Regex boolean - (Optional) Should use regex for ignore_paths matching? The possible values are
trueorfalse. - use
Yara booleanRules - (Optional) Should use Sysdig's managed YARA rules to detect malware and malicious scripts? The possible values are
trueorfalse. - version number
- additional_
hashes Sequence[str] - (Optional) List of additional hashes that should be matched.
- description str
- (Required) The description of the malware rule.
- id float
- The id for the policy.
- ignore_
hashes Sequence[str] - (Optional) List of hashes that should be ignored.
- ignore_
paths Sequence[str] - (Optional) The list of file paths to be excluded from malware matching
- name str
- The name of the Secure managed policy.
- Sequence[str]
- use_
managed_ boolhashes - (Optional) Should Sysdig's managed hashes be used? The possible values are
trueorfalse. - use_
regex bool - (Optional) Should use regex for ignore_paths matching? The possible values are
trueorfalse. - use_
yara_ boolrules - (Optional) Should use Sysdig's managed YARA rules to detect malware and malicious scripts? The possible values are
trueorfalse. - version float
- additional
Hashes List<String> - (Optional) List of additional hashes that should be matched.
- description String
- (Required) The description of the malware rule.
- id Number
- The id for the policy.
- ignore
Hashes List<String> - (Optional) List of hashes that should be ignored.
- ignore
Paths List<String> - (Optional) The list of file paths to be excluded from malware matching
- name String
- The name of the Secure managed policy.
- List<String>
- use
Managed BooleanHashes - (Optional) Should Sysdig's managed hashes be used? The possible values are
trueorfalse. - use
Regex Boolean - (Optional) Should use regex for ignore_paths matching? The possible values are
trueorfalse. - use
Yara BooleanRules - (Optional) Should use Sysdig's managed YARA rules to detect malware and malicious scripts? The possible values are
trueorfalse. - version Number
GetSecureMalwarePolicyTimeouts
- Read string
- Read string
- read String
- read string
- read str
- read String
Package Details
- Repository
- sysdig sysdiglabs/terraform-provider-sysdig
- License
- Notes
- This Pulumi package is based on the
sysdigTerraform Provider.
Viewing docs for sysdig 3.5.0
published on Friday, Mar 6, 2026 by sysdiglabs
published on Friday, Mar 6, 2026 by sysdiglabs
