Enabling AuditLog

A brief overview of how you can enable AuditLog.

  less than a minute  

Enabling AuditLog

This guide describes the steps to enable the AuditLog in a Kubernetes cluster.

Steps to Enable the AuditLog

  1. Create the Directory: Navigate to the $KUBEOPSROOT/lima directory and create the auditLog folder:

    mkdir -p $KUBEOPSROOT/lima/auditLog

  2. Create the Audit Policy File: In the $KUBEOPSROOT/lima/auditLog directory, create the policy.yaml file:

    touch $KUBEOPSROOT/lima/auditLog/policy.yaml

  3. Configure the Audit Policy: Add the content to policy.yaml according to the official Kubernetes Audit Policy documentation. Rules can be added or removed as needed to customize the auditlogs.

    Example content for policy.yaml:

    apiVersion: audit.k8s.io/v1
kind: Policy
rules:
  - level: Metadata
    resources:
      - group: ""
        resources: ["pods"]

  4. Enable the AuditLog: To enable the auditlog for a cluster, execute the following command:

    lima change auditlog <clustername> -a true

    Example:

    lima change auditlog democluster -a true

Note

  • The auditlog can also be disabled if needed by setting the -a parameter to false:

    lima change auditlog <clustername> -a false

Additional Information

  • More details on configuring the audit policy can be found in the official Kubernetes documentation: Audit Policy.