Skip to content

[Bug]: Generated nginx-agent config is incorrect for Security Monitoring environments #8407

New issue
New issue
Open
#8404
Open
[Bug]: Generated nginx-agent config is incorrect for Security Monitoring environments#8407
#8404
Labels
bugAn issue reporting a potential bugneeds triageAn issue that needs to be triaged
@dareste

Description

@dareste
dareste
opened on Oct 10, 2025

Version

edge

What Kubernetes platforms are you running on?

Kind

Steps to reproduce

In the NIC + NAP + NIM Security Monitoring use case (https://docs.nginx.com/nginx-instance-manager/monitoring/security-monitoring/configure/set-up-app-protect-instances/), the agent config that is generated in the Helm chart is wrong. With that config, events are not properly collected and sent because of the family of metrics features we enable:

kubernetes-ingress/charts/nginx-ingress/templates/_helpers.tpl

Line 588 in eb6244c

- metrics-sender

Right now, the config file that is generated for the use case above only enables the feature metrics-sender, which results in the agent being ready to send events, but not collecting them. To actually collect the events we need to include the metrics-collection feature as well.

Alternatively, enabling metrics would cover both sending and receiving behaviors.

Repro:

  • Deploy the Security Monitoring use case with the latest Helm chart (enable Agent, enable NAPv5).
  • Integrate it with NIM.
  • Generate security events.
  • Those event won't be seen in NIM.

Fix:

  • Replace metrics-sender with metrics in the agent config.
  • Restart the agent.
  • Now, security events can be seen in NIM.

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugAn issue reporting a potential bugneeds triageAn issue that needs to be triaged

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions