-
Notifications
You must be signed in to change notification settings - Fork 12
K8s audit logs
kimschles edited this page Apr 21, 2020
·
1 revision
- Audit logs help you figure out the who, what, why, where and when of when something has changed.
- Audit logs live on master nodes because it is info from the api-server
- GKE sends logs to stackdriver
- At FW, we ship AWS audit logs to Datadog
- SSH to a master node and look at the log itself and look in the /var/logs directory
- You've got to configure your audig log policy. In a kops cluster, this is in the cluster.yml file.