The Kubernetes Plug-In for the Logpoint SIEM allows you to import and normalize Kubernetes logs from a Linux-based log source or from an Amazon Elastic Kubernetes Service (EKS) log source imported via CloudWatch.
Release Details
Version: 1.0.0
Added date: 29 Nov, 2024
Logpoint versions: Logpoint v7.4.0 or later
Build Type: Community Package
Download: Kubernetes Package.zip
SHA-256: fb1c136d6d88a633124e0b966701d67c5c54658eaf89c1046d04717dc2be3eec
Package Details
Kubernetes Plug-In Components
- Kubernetes Alert Rules (4 alert rules) - Install via KB > Alert Rules > Import (KubernetesAlertRules.pak)
- Kubernetes Audit Compiled Normalizer - Install via System Settings > Configuration > Universal Normalizer > Add > Browse (KubernetesAuditCompiledNormalizer.pak) > Upload Config
- Kubernetes Dashboard (8 dashboards) - Install via KB > Dashboards > Import (KubernetesDashboards.pak)
- Kubernetes Report Template (1 report) - Install via Reports > Report Templates > Import (KubernetesReportTemplate.pak)
- Kubernetes Search Template (1 report with 3 tabs) - Install via KB > Search Templates > Import (KubernetesSearchTemplate.pak)
Enhancement
Description | Issue ID | Reference ID |
<Description> | KB-xxxxx | - |
Documentation
The following documentation is available in the attachments:
- Kubernetes Plug-In Setup Instructions (Installation Guide)
- Kubernetes Logging on EKS
- Kubernetes Logging on Linux
- Kubernetes Logging Overview
Academy Training
The link to the Academy training is here:
https://academy.logpoint.com/learn/courses/8/logpoint-masterclasses/lessons/138:28/kubernetes
There is also a YouTube video here:
Support
This package is provided "as is". Only Logpoint internal staff may create a support ticket for this package.