Amazon EKS Kubernetes Pod Scan Detection

Description

This search provides detection information on unauthenticated requests against Kubernetes' Pods API

   Help

Amazon EKS Kubernetes Pod Scan Detection Help

You must install the AWS App for Splunk (version 5.1.0 or later) and Splunk Add-on forAWS (version 4.4.0 or later), then configure your AWS CloudWatch EKS Logs.Please also customize the kubernetes_pods_aws_scan_fingerprint_detection macro to filter out the false positives.

   Search

Open in Search