I want to get currently logged in user for auditing. for example I want to find which user executed a malicious caommand in k8s pod. there is a tool that I can define some policy that can works with kprobe. Is there anyway to get user by kprobe? I mean is there any call that return this for me? I tried to use from k8s client libraries but it's not efficient for my task.
get current kubernetes logged in user with kprobe
33 views Asked by Michael Cab At
0
There are 0 answers
Related Questions in KUBERNETES
- Golang == Error: OCI runtime create failed: unable to start container process: exec: "./bin": stat ./bin: no such file or directory: unknown
- I can't create a pod in minikube on windows
- Oracle setting up on k8s cluster using helm charts enterprise edition
- Retrieve the Dockerfile configuration from the Kubernetes and also change container Java parameter?
- Summarize pods not running, by Namespace and Reason - I'm having trouble finding the reason
- How to get Java running parameters from Spring Boot running inside container in pod where no ps exist
- How do we configure prometheus server to scrape metrics from a pod with Istio sidecar proxy?
- In rke kube-proxy pod is not present
- problem with edge server registration in Eureka
- Unable to Access Kubernetes LoadBalancer Service from Local Device Outside Cluster
- Kubernetes cluster on GCE connection refused error
- Based on my experience, I've outlined the Kubernetes request flow. Could someone please add or highlight any points I might have overlooked?
- how to define StackGres helm chart "restapi" values to use internal LoadBalancer - AWS EKS
- Python3.11 can't open file [Errno 2] No such file or directory
- Cannot find remote pod service - SERVICE_UNAVAILABLE
Related Questions in LINUX-KERNEL
- Android kernel error: undefined reference to `get_hw_version_platform'
- Is there a need for BPF Linux namespace?
- Facing fatal errors while running "yum update" command on CentOS 7/Cloudlinux 7
- crash utility itself crashes while decoding kdump generated from null pointer dereference in kernel module
- How to compile the Linux kernel with -O0 for more detailed debug?
- Linux support for parallel Pixel data Image sensor
- Can't upgrade to newest version of linux-image-6.5.0-26-generic
- How to protect a page so that it cannot be write in mips arch?
- How to extract the .img file into normal kernel source file in the linux?
- Storage size of struct hash_desc desc; isn't known
- How can I intercept failed file openning calls?
- struct nameidata-Linux Kernel Module
- How to modify a 'struct msghdr' in Linux Kernel Module?
- How to allocate 500MB+ physically contiguous memory in a Linux kernel module and copy data to that memory from a userspace process?
- Hyper Threading: nosmt in grub configuration
Related Questions in AUDIT-LOGGING
- ldap 389ds - logging - cat <> stdout-fifo-pipe-file > /dev/stdout - No AUDIT logs 0 byte file
- Audit a share Excel workbook
- Move data from System-versioned history tables out of database
- BigQuery: Assess overall read volume per table
- Kafka Confluent - Issue with Audit Log Configuration
- How to fetch Azure Databrciks Audit Logs
- How do you set the NTFS permissions for an append-only log, and append to it in VB6?
- Launch a Firestore requests using firebase admin sdk without service account
- Can I log a Laravel username using Doctrine and the MariaDB Audit Plugin?
- Custom Datadog regex does not capture individual entries within auditd "msg" field
- Using log analytics logs to track requests for auditing purposes
- I am using this package, namespace Volo.Abp.AuditLogging and it is generating dll files
- Learning to navigate the codebase; is there any audit functionality?
- Elastic Search - How to forward Elastic Search Audit Logs to an external storage?
- Alternative to DBs for storing audit logs?
Related Questions in KPROBE
- Can Linux kprobes get disabled temporarily by the kernel?
- Kprobe handler is not triggered for some kernel symbols
- maximum number of uprobe /kprobe that can be attached using libbpf
- How to correctly read socket->sk from pt_regs* in ebpf program?
- get current kubernetes logged in user with kprobe
- tracepoint/syscalls/sys_enter_execve missing args
- BPF program attach failed
- Concurrent system calls handling by kprobes
- How to remove a eBPF function attached by BCC toolkit?
- Permission denied when using bpf_probe_read() in the ebpf program
- Kprobe BPF programs execution order
- eBPF vs non-eBPF tracepoint/kprobes
- Comparing ip addresses in bpftrace?
- Get return address of a function using kretprobe or bpf
- Can ebpf only use kprobe to monitor kernel functions?
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Popular Tags
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)