Kubernetes Azure Detect Suspicious Kubectl Calls

Description

This search provides information on rare Kubectl calls with IP, verb namespace and object access context

Content Mapping

This content is not mapped to any local saved search. Add mapping


Use Case

Security Monitoring

Category

Adversary Tactics

Alert Volume

This search provides information on rare Kubectl calls with IP, verb namespace and object access context

SPL Difficulty

None

Journey

Stage 3

Data Sources

Audit Trail
Azure

   Help

Kubernetes Azure Detect Suspicious Kubectl Calls Help

You must install the Add-on for Microsoft Cloud Services and Configure Kube-Audit data diagnostics

   Search

Open in Search