Audit logging in Kubernetes is a powerful tool that grants Kubernetes operators more insight into their clusters. Audit logs can tell us what happened in our clusters, when it happened, who did it, what resources were affected, and more. The problem is even a fairly stagnant Kubernetes cluster generates millions of audit logs per week. And it’s up to us to distill value out of what is largely just noise. So, how can we isolate important audit events to better understand what’s going on in our clusters?
Kate Kuchin goes over what Kubernetes audit logs are and what information they provide. Then, she demonstrates how to get an audit set up on a cluster and how to inspect the raw logs that are generated once audit is set up. Finally, she talks about strategies for pulling useful information out of the deluge so we can make sense of these millions of audit logs and glean actionable insights.
Kate Kuchin is a senior member of technical staff at VMware, where she works on the UX team to build tools to make Kubernetes easier to adopt and use. Previously, at Google she worked on the consumer operations team of (the now sadly defunct) orkut. She has since worked at startups throughout the country, most recently Heptio, but is now settled in Oakland, where she spends her days working from home alongside her officemate, Helen the dog.
Help us make this conference the best it can be for you. Have questions you'd like this speaker to address? Suggestions for issues that deserve extra attention? Feedback that you'd like to share with the speaker and other attendees?
Join the conversation here (requires login)
©2019, O'Reilly Media, Inc. • (800) 889-8969 or (707) 827-7019 • Monday-Friday 7:30am-5pm PT • All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners. • email@example.com