All Apps and Add-ons

How to Capture Kubernetes Interactive Exec Logging

Path Finder

I am using Splunk Connect for Kubernetes on EKS which seems to capture most logs right out of the box. What it doesn't capture are interactive commands run from within containers. For example, if I "exec" into a container and run commands, none of that seems to be logged. Has anyone configured that level of auditing before or am I missing something in the default set up that should be capturing that?

0 Karma