You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When trying to forward AKS audit logs to a falco instance using the setup from sysdiglabs/aks-audit-log the logs indicate all POST requests fail with a 400 code.
**Error sending POST, retry 1, result: [BadRequest] System.Net.Http.HttpConnectionResponseContent
Problem
The issue is that the falco webserver only accepts requests with the header application/json while the audit log forwarder sends requests with the header application/json; charset=utf-8. See webserver.cpp
The webserver.cpp file should be modified to accept encoding values in the request headers.
I think this is a minor change that would help facilitate the auditing of AKS API server logs by using https://github.com/sysdiglabs/aks-audit-log directly, instead of having users maintain a fork modifying the header.
Bug
When trying to forward AKS audit logs to a falco instance using the setup from sysdiglabs/aks-audit-log the logs indicate all POST requests fail with a 400 code.
**Error sending POST, retry 1, result: [BadRequest] System.Net.Http.HttpConnectionResponseContent
Problem
The issue is that the falco webserver only accepts requests with the header
application/json
while the audit log forwarder sends requests with the headerapplication/json; charset=utf-8
. See webserver.cppThe webserver.cpp file should be modified to accept encoding values in the request headers.
Related issue : sysdiglabs/aks-audit-log#4
The text was updated successfully, but these errors were encountered: