cloud-security

Kubernetes Audit Logging

Definition

Kubernetes audit logging records chronological records of all requests processed by the Kubernetes API server, including the user identity, operation, resource affected, and request/response metadata. Audit logs are essential for detecting unauthorized access attempts, RBAC misuse, privilege escalation, and workload modifications in Kubernetes clusters.

A well-configured audit policy captures authentication failures, secrets access, and exec/attach operations without generating excessive log volume from routine operations.

Related Terms

Kubernetes RBAC

Kubernetes Role-Based Access Control

KSPM

Kubernetes Security Posture Management

SIEM

Security Information and Event Management

← Back to Glossary

Ship secure code faster

Crash Override integrates security into the developer workflow. No context switching, no waiting on reviews.

Talk to a Human See the Product