01-28-2020 12:52 PM - last edited on 09-02-2020 10:57 AM by CHopson
I need to gather a list of connections between all pairs of Kubernetes containers over a given time. After attempting to gather this data from the Twistlock, I have some questions.
1. What is the difference between the learned connections shown in the Radar view and in the Firewalls view? The views can be found in these places:
a. Radar >> click on a connection line >> Connection info (source: learned)
b. Firewalls >> Cloud Native Network Firewall >> Container >> Allowed learned connections >> Show connections
2. Is there any way to gain visibility into the period when Radar/CNNF are (or were) in learning mode for a given container?
3. Unlike in the Radar view, I cannot see any learned connections in the CNNF view. I receive a “Failed to get learned connections” error. What would be the best way to troubleshoot this error? It does not appear in the Twistlock documentation and does not seem to correlate with any errors in the console logs.
