Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Kubernetes Auditing

The JSA DSM for Kubernetes collects auditing events from a Kubernetes master node Kube-apiserver.

To integrate Kubernetes with JSA, complete the following steps:

  1. If automatic updates are not enabled, download and install the most recent version of RPM from the https://support.juniper.net/support/downloads onto your JSA console.

    • DSM Common RPM

    • Kubernetes Auditing DSM RPM

  2. Configure your Kubernetes master node Kube-apiserver to send events to JSA.

  3. Create a copy of the audit policy file.

  4. Configure rsyslog on your Kubernetes master hosted Linux system.

  5. If JSA does not automatically detect the log source, add a Kubernetes Auditing log source on the JSA Console.

    Note:

    The Kubernetes auditing event payload can be over 32,000 bytes. The default JSA syslog payload length is 4,096 bytes. You can increase the JSA syslog payload size to 32,000 bytes.