Water, Water, Everywhere: Making Kubernetes Audit Logs Potable – Kate Kuchin, Heptio

13

Water, Water, Everywhere: Making Kubernetes Audit Logs Potable – Kate Kuchin, Heptio

Water, Water, Everywhere: Making Kubernetes Audit Logs Potable – Kate Kuchin, Heptio

Audit logging in Kubernetes is a powerful tool that grants Kubernetes operators more insight into their clusters. Audit logs can tell us what happened in our clusters, when it happened, who did it, what resources were affected, and more. The problem is, even a fairly stagnant Kubernetes cluster generates millions of audit logs per week. And it’s up to us to distill value out of what is largely just noise. So, how can we isolate important audit events to better understand what’s going on in our clusters? In this session, we’ll first go over what Kubernetes audit logs are and what information they provide. We’ll then do a live a demo of getting audit set up on a cluster, and inspect the raw logs that are generated. And finally, we’ll talk about strategies for pulling useful information out of the deluge, so we can make sense of these millions of audit logs glean actionable insights.

To Learn More: sched.co/GrX9