Engineer for the future of Cloud
June 10-13, 2019
San Jose, CA

Water, water everywhere: Making Kubernetes audit logs potable

Kate Kuchin (VMware)
1:25pm2:05pm Wednesday, June 12, 2019
Location: LL20 A/B

Who is this presentation for?

  • Cluster operators of Kubernetes and app developers who use Kubernetes



Prerequisite knowledge

  • Basic Kubernetes concepts

What you'll learn

  • Understanding of Kubernetes audit logging
  • Comfort getting dynamic audit logging set up on your cluster
  • Gain insight into how you might use audit logging for a variety of purposes


Audit logging in Kubernetes is a powerful tool that grants Kubernetes operators more insight into their clusters. Audit logs can tell us what happened in our clusters, when it happened, who did it, what resources were affected, and more. The problem is even a fairly stagnant Kubernetes cluster generates millions of audit logs per week. And it’s up to us to distill value out of what is largely just noise. So, how can we isolate important audit events to better understand what’s going on in our clusters?

Kate Kuchin goes over what Kubernetes audit logs are and what information they provide. Then, she demonstrates how to get an audit set up on a cluster and how to inspect the raw logs that are generated once audit is set up. Finally, she talks about strategies for pulling useful information out of the deluge so we can make sense of these millions of audit logs and glean actionable insights.

Photo of Kate Kuchin

Kate Kuchin


Kate Kuchin is a senior member of technical staff at VMware, where she works on the UX team to build tools to make Kubernetes easier to adopt and use. Previously, at Google she worked on the consumer operations team of (the now sadly defunct) orkut. She has since worked at startups throughout the country, most recently Heptio, but is now settled in Oakland, where she spends her days working from home alongside her officemate, Helen the dog.

Leave a Comment or Question

Help us make this conference the best it can be for you. Have questions you'd like this speaker to address? Suggestions for issues that deserve extra attention? Feedback that you'd like to share with the speaker and other attendees?

Join the conversation here (requires login)