falco-analyze-audit-log-from-k3s-cluster
Audit logger
This project teaches how to analyze Kubernetes Audit logs using Falco and detect intrusions in a Kubernetes cluster.
Detect intrusions that happened in your Kubernetes cluster through audit logs using Falco
63 stars
6 watching
9 forks
last commit: over 3 years ago
Linked from 1 awesome list
audit-logfalcofalcosidekickfalcosidekickuik3sk8s-audit-log
rootsongjc/awesome-cloud-nativeRelated projects:
| Repository | Description | Stars |
|---|---|---|
 vchinnipilli/kubestriker | Automates security audits of Kubernetes clusters to identify misconfigurations and vulnerabilities | 992 |
 falcosecurity/event-generator | A tool that generates suspect actions and events to test Falco ruleset security configurations | 97 |
 threathunters-io/laurel | Converts Linux audit logs into standardized JSON format for enhanced security monitoring | 722 |
 jpcertcc/sysmonsearch | Analyzes Sysmon event logs to detect suspicious activity and visualize process and network correlations. | 419 |
 lorenzo/audit-stash | A plugin that tracks changes to data in an application's database tables and stores them in a secure log for auditing purposes. | 78 |
 lee0c/kubectl-watch | A tool for monitoring Kubernetes resources using the kubectl CLI | 17 |
 klks/checksec | A tool to analyze security settings in x64dbg | 126 |
 corneliusweig/rakkess | Tool to display access rights for resources in a Kubernetes cluster | 1,324 |
| falcosecurity/falco | A cloud-native runtime security tool that detects and alerts on abnormal behavior and potential security threats in real-time. | 7,460 |
 alexivkin/kubepwn | A collection of resources and tools for testing, analyzing, and securing Kubernetes clusters | 54 |
 abahmed/kwatch | A tool for monitoring Kubernetes clusters and detecting crashes in real-time | 965 |
 boz/kail | Tool to stream and display logs from Kubernetes pods with customizable filtering options | 1,994 |
 blackberry/falco-bypasses | Research on bypassing default security rules for Kubernetes using various techniques | 79 |
 komamitsu/fluency | A high-throughput data ingestion logger to multiple data destinations | 155 |
 emirozer/kubectl-doctor | An automated tool to analyze Kubernetes cluster health and provide actionable recommendations. | 355 |