Description of Cyberwatch services
The Cyberwatch software is based on Docker images. It is possible to use Docker swarm or Kubernetes as an orchestrator to manage the containers. These containers provide a set of services working and communicating together that make up for the main functions of the software suite.
This documentation lists and describes all services necessary for the Cyberwatch suite, and also indicates their presence on Cyberwatch servers depending on the architecture type deployed.
The status of these services can be consulted from the Cyberwatch server, with the following command:
sudo cyberwatch status
If one service is not running, consult its logs.
Description of each service
- db
- MariaDB database in which the application data is stored.
- nginx
- Web server responsible for the interface between the application and the outside world. The service redirects requests to the appropriate container (web, kibana, third_parties).
- web
- Olympe container responsible for processing web requests.
- sidekiq_master
- Olympe container responsible for executing jobs in asynchronous mode. The service handles jobs that need to be executed only on the master node. The service was added with the orchestrator in version 5.21.
- sidekiq
- Similar to sidekiq_master, except that the service is available on all node types. The service handles tasks that do not need to be run on a particular scanner.
- sidekiq_node
- Similar to sidekiq but used to perform tasks on a particular scanner. In particular, the service is responsible for connecting to supervised machines in agentless mode.
- cron
- Application task scheduler. No longer available on orchestrator version superior or equal to 5.21.
- redis
- RAM database used for the task stack.
- cache
- RAM database used for the application’s cache.
- elasticsearch
- Container responsible for Elasticsearch indexes.
- kibana
- Visualization tool to create custom dashboards.
- web_scanner
- Network and website target scan engine.
- container_scanner
- Buildah engine for the scan of Docker images.
- third_parties
- Container containing the Windows cab file.
Services expected on each node
| Service | Master node | Independent satellite node |
|---|---|---|
| db | ✓ | |
| nginx | ✓ | ✓ |
| web | ✓ | ✓ |
| sidekiq | ✓ | ✓ |
| sidekiq_node | ✓ | ✓ |
| cron | ✓(1) | |
| redis | ✓ | |
| cache | ✓ | ✓ |
| elasticsearch | ✓ | |
| kibana | ✓ | |
| web_scanner | ✓ | ✓ |
| container_scanner | ✓ | ✓ |
| third_parties | ✓(2) | ✓(2) |
(1) Only on base versions less than or equal to 5.20.
(2) Only on offline nodes.