NeuVector: Automating and Shifting Security Left in Kubernetes
Response Rules: Active Event-Driven Defense
Imagine you want to take a custom action when the wp-login.php rule is violated. NeuVector's Response Rules feature lets you define such rules and automate your actions. For example, you can trigger a webhook, send an email or a Slack notification, quarantine the container, or take any other action, such as calling the REST API of another service or of NeuVector itself.
To test this feature, start by creating an ngrok tunnel that exposes port 3000 on your local machine so that it can receive the webhook. Use the following command:
ngrok http 3000
Then, you can use the ngrok public URL and add it as a webhook in the NeuVector settings:
Webhook
Create a Response Rule to trigger the webhook when the rule is violated.
Response Rule
On your local machine, you can use the following Python script:
# Import necessary modules from Flask
from flask import Flask, request

# Initialize the Flask application
app = Flask(__name__)

# Define a route that catches all paths and methods
@app.route('/', defaults={'path': ''}, methods=['GET', 'POST', 'PUT', 'DELETE', 'PATCH'])
@app.route('/<path:path>', methods=['GET', 'POST', 'PUT', 'DELETE', 'PATCH'])
def catch_all(path):
    # Print the HTTP method used
    print(f"Method: {request.method}")
    # Print the requested path
    print(f"Path: /{path}")
    # Print all request headers
    print(f"Headers: {dict(request.headers)}")
    # Print the request body
    print(f"Body: {request.get_data()}")
    # Respond to the client
    return "Request received"

# Listen on the local port that the ngrok tunnel exposes
if __name__ == '__main__':
    app.run(port=3000)

End-to-End Kubernetes with Rancher, RKE2, K3s, Fleet, Longhorn, and NeuVector
The full journey from nothing to production
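The catch-all listener above accepts any request that reaches the public ngrok URL. The following is an added example, not code from the original page or from NeuVector: a standard-library receiver (no Flask) that only accepts POSTs to a secret path, caps the body size, and requires a JSON object. The `/hook/` prefix, `MAX_BODY`, `TOKEN`, and the function names are assumptions made for illustration, and it assumes the webhook URL entered in NeuVector is the ngrok URL followed by the printed path.

```python
import hmac
import json
import secrets
from http.server import BaseHTTPRequestHandler, HTTPServer

MAX_BODY = 64 * 1024                # assumed cap on alert size
TOKEN = secrets.token_urlsafe(32)   # constructed per run; acts as a shared secret

def vet_headers(method, path, length, token=TOKEN):
    """Decide from the request line and Content-Length alone; return an HTTP status."""
    if method != "POST":
        return 405
    # Constant-time comparison of the full path against /hook/<token>
    if not hmac.compare_digest(path.encode(), f"/hook/{token}".encode()):
        return 404
    if not (length.isascii() and length.isdigit()):
        return 411                  # refuse bodies of undeclared length
    return 413 if len(length) > 7 or int(length) > MAX_BODY else 200

def parse_event(body):
    """Return the alert as a dict, or None if the body is not a JSON object."""
    try:
        event = json.loads(body)
    except (ValueError, RecursionError):   # bad JSON, bad UTF-8, absurd nesting
        return None
    return event if isinstance(event, dict) else None

class Hook(BaseHTTPRequestHandler):
    def _handle(self):
        length = self.headers.get("Content-Length", "")
        status = vet_headers(self.command, self.path, length)
        if status == 200:
            event = parse_event(self.rfile.read(int(length)))
            if event is None:
                status = 400
            else:
                print("alert received, top-level keys:", sorted(event))
        self.send_response(status)
        self.end_headers()

    do_GET = do_POST = do_PUT = do_DELETE = do_PATCH = _handle

    def log_message(self, fmt, *args):
        pass    # the default access log would print the path, token included

if __name__ == "__main__":
    print(f"Webhook path to append to the ngrok URL: /hook/{TOKEN}")
    HTTPServer(("127.0.0.1", 3000), Hook).serve_forever()
```

The receiver prints only the top-level keys of each alert, so it makes no assumption about the field names NeuVector sends.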


