Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Kubernetes Auditing

 

The JSA DSM for Kubernetes collects auditing events from a Kubernetes master node Kube-apiserver.

To integrate Kubernetes with JSA, complete the following steps:

  1. If automatic updates are not enabled, download and install the most recent version of RPM from the https://support.juniper.net/support/downloads onto your JSA console.

    • DSM Common RPM

    • Kubernetes Auditing DSM RPM

  2. Configure your Kubernetes master node Kube-apiserver to send events to JSA.
  3. Create a copy of the audit policy file.
  4. Configure rsyslog on your Kubernetes master hosted Linux system.
  5. If JSA does not automatically detect the log source, add a Kubernetes Auditing log source on the JSA Console.Note

    The Kubernetes auditing event payload can be over 32,000 bytes. The default JSA syslog payload length is 4,096 bytes. You can increase the JSA syslog payload size to 32,000 bytes.