Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Collect kubernetes audit logs #1424

Open
binarylogic opened this issue Dec 23, 2019 · 2 comments
Open

Collect kubernetes audit logs #1424

binarylogic opened this issue Dec 23, 2019 · 2 comments
Labels
domain: logs Anything related to Vector's log events have: should We should have this feature, but is not required. It is medium priority. platform: kubernetes Anything `kubernetes` platform related source: new A request for a new source type: enhancement A value-adding code change that enhances its existing functionality. type: feature A value-adding code addition that introduce new functionality.

Comments

@binarylogic
Copy link
Contributor

This page outlines how to collect Kubernetes audit logs. I'd like to also add our own example to the list here.

A few questions for this issue:

  1. Is there anything additional we need to do to collect this data?
  2. I'd like to see what our docs would look like on this page so that we can add it.
@binarylogic binarylogic added type: enhancement A value-adding code change that enhances its existing functionality. source: kubernetes labels Dec 23, 2019
@ktff ktff mentioned this issue Feb 14, 2020
Closed
2 tasks
@ktff ktff mentioned this issue Mar 31, 2020
Closed
@binarylogic binarylogic assigned MOZGIII and unassigned ktff Apr 4, 2020
@binarylogic binarylogic added have: should We should have this feature, but is not required. It is medium priority. platform: kubernetes Anything `kubernetes` platform related type: feature A value-adding code addition that introduce new functionality. domain: logs Anything related to Vector's log events labels Aug 7, 2020
@MOZGIII MOZGIII mentioned this issue Sep 27, 2020
Open
@MOZGIII
Copy link
Contributor

MOZGIII commented Sep 27, 2020

  1. Is there anything additional we need to do to collect this data?

We'll need to deploy vector is a specific way - we'll cover this out of the box for the users via our Helm Chart(s?).

  1. I'd like to see what our docs would look like on this page so that we can add it.

The exact details will be available later, but we will expose this via our Helm Chart, and configuring that is done via values.yml. In general, we should get ready for pretty much the whole AuditPolicy. Maybe offer an intelligent configurator like we have for vector.toml?

@jszwedko jszwedko added the source: new A request for a new source label Aug 1, 2022
@jszwedko jszwedko mentioned this issue Dec 29, 2022
Closed
@cassanellicarlo
Copy link

cassanellicarlo commented Apr 24, 2024
edited

What's the status here? How can be audit logs for kubernetes / openshift configured as source in vector?

Is file source a good option?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
domain: logs Anything related to Vector's log events have: should We should have this feature, but is not required. It is medium priority. platform: kubernetes Anything `kubernetes` platform related source: new A request for a new source type: enhancement A value-adding code change that enhances its existing functionality. type: feature A value-adding code addition that introduce new functionality.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@MOZGIII @jszwedko @binarylogic @ktff @cassanellicarlo