From the course: Kubernetes Threat and Attack Detection by Pearson
Gathering evidence of compromise - Kubernetes Tutorial
Gathering evidence of compromise
In previous lessons, we've seen ways to be able to monitor the logging capabilities within Kubernetes by going to the logs and just grepping on them, or just doing a cat. Now we know that from a logs perspective, there's a lot of stuff that gets in here, and it's not the easiest to be able to read. Now of course you can use something like jq, and jq will give you the ability to be able to make things a little bit nicer to read, but you still have to go through millions of different logs in some cases.

So here's an example of a log that's basically doing a look for a particular secret that got created. So in this case, test-secret. And it's giving you that information, but again, this isn't really a scalable solution.

In order to be a little bit more scalable, we have shown in previous lessons the ability to be able to use Grafana and Loki. Now, Loki is really powerful in as much as it allows you to be able to create a log aggregator that's free that is tied directly with Grafana. So…
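The manual search for `test-secret` described above can be turned into a small triage script that groups Secret access by who did what, instead of reading raw lines. This is an added example, not code from the course; it assumes the log is the API server audit log in JSON-lines form (`audit.k8s.io/v1` events), and the sample lines, user names and the `db-creds` Secret are constructed.

```python
import json
from collections import Counter

# Constructed sample audit lines (audit.k8s.io/v1 shape); not taken from the course.
SAMPLE_AUDIT_LOG = """\
{"kind":"Event","apiVersion":"audit.k8s.io/v1","stage":"RequestReceived","verb":"create","user":{"username":"dev-alice"},"objectRef":{"resource":"secrets","namespace":"default","name":"test-secret"}}
{"kind":"Event","apiVersion":"audit.k8s.io/v1","stage":"ResponseComplete","verb":"create","user":{"username":"dev-alice"},"objectRef":{"resource":"secrets","namespace":"default","name":"test-secret"},"responseStatus":{"code":201}}
{"kind":"Event","apiVersion":"audit.k8s.io/v1","stage":"ResponseComplete","verb":"get","user":{"username":"system:serviceaccount:default:web"},"objectRef":{"resource":"secrets","namespace":"default","name":"test-secret"},"responseStatus":{"code":200}}
{"kind":"Event","apiVersion":"audit.k8s.io/v1","stage":"ResponseComplete","verb":"get","user":{"username":"system:serviceaccount:default:web"},"objectRef":{"resource":"secrets","namespace":"default","name":"test-secret"},"responseStatus":{"code":200}}
{"kind":"Event","apiVersion":"audit.k8s.io/v1","stage":"ResponseComplete","verb":"list","user":{"username":"dev-alice"},"objectRef":{"resource":"pods","namespace":"default"},"responseStatus":{"code":200}}
{"kind":"Event","apiVersion":"audit.k8s.io/v1","stage":"ResponseComplete","verb":"get","user":{"username":"system:serviceaccount:default:web"},"objectRef":{"resource":"secrets","namespace":"default","name":"db-creds"},"responseStatus":{"code":403}}
{"kind":"Event","apiVersion":"audit.k8s.io/v1","verb":"get","objectRef":{"resource":"sec
"""

def secret_events(lines, name=None):
    """Yield completed audit events that touch Secrets, optionally one Secret name."""
    for line in lines:
        line = line.strip()
        if not line:
            continue
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # truncated or non-JSON line: skip rather than abort triage
        ref = event.get("objectRef") or {}
        if ref.get("resource") != "secrets":
            continue
        # Each request is logged once per stage; count only the final stage.
        if event.get("stage") != "ResponseComplete":
            continue
        if name is not None and ref.get("name") != name:
            continue
        yield event

def summarize(events):
    """Count events per (user, verb, namespace, secret name, HTTP status)."""
    counts = Counter()
    for e in events:
        ref = e["objectRef"]
        counts[(e.get("user", {}).get("username", "?"), e.get("verb", "?"),
                ref.get("namespace", ""), ref.get("name", ""),
                (e.get("responseStatus") or {}).get("code"))] += 1
    return counts

if __name__ == "__main__":
    lines = SAMPLE_AUDIT_LOG.splitlines()
    for key, n in summarize(secret_events(lines, "test-secret")).most_common():
        print(n, *key)
```

Reading the lines from a file object instead of `SAMPLE_AUDIT_LOG.splitlines()` streams a large log without loading it into memory.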