About the Device
Azure Kubernetes Service (AKS) is a managed Kubernetes service that you can use to deploy and manage containerized applications. You need minimal container orchestration expertise to use AKS. AKS reduces the complexity and operational overhead of managing Kubernetes by offloading much of that responsibility to Azure. AKS is an ideal platform for deploying and managing containerized applications that require high availability, scalability, and portability, and for deploying applications to multiple regions, using open-source tools, and integrating with existing DevOps tools.
Device Information
Entity | Particulars |
---|---|
Vendor Name | Microsoft |
Product Name | Azure Kubernetes Service |
Type of Device | Cloud |
Collection Method
Log Type | Ingestion label | Preferred Logging Protocol - Format | Log collection method | Data Source | |
---|---|---|---|---|---|
Kubernetes Audit Azure | KUBERNETES_AUDIT_AZURE | Cloud Storage - JSON | C2C - Storage | https://cloud.google.com/chronicle/docs/reference/feed-management-api#azure_blobstore |
Device Configuration
Prerequisites
An Azure subscription that you can sign in to.
An Azure Kubernetes Service environment in Azure
A user who's a Global Administrator or Azure Kubernetes Service Administrator.
Azure Storage Account to store the logs.
Reference URLs
How to create storage account?
https://docs.microsoft.com/en-us/azure/storage/common/storage-account-create?tabs=azure-portal
Configurations Steps
In the Azure portal, select your Kubernetes Services from the menu.
Select Cluster for which you want to enable logging.
In Monitoring, select Diagnostic settings.
Click Add diagnostic setting and select all the categories under Logs.
Select Archive to storage account in Destination details to store logs to storage account.
Once you select Archive to storage account, you need to choose an existing Subscription and Storage account.
Click Save.
How you can get credentials of Azure Storage: https://accenture-css.atlassian.net/wiki/spaces/CEDAR/pages/48906343945
Integration Parameters
Parameter Display Name | Default Value | Description |
---|---|---|
AZURE URI | N/A | The URI pointing to a Azure Blob Storage blob or container. Container names are |
URI IS A | Directory which includes subdirectories | The type of object indicated by the URI. Valid values are:
|
SOURCE DELETION OPTION | Never delete files | Source file deletion is not supported in Azure. This field's value must be set to |
Shared Key OR SAS Token |
| A shared key, a 512-bit random string in base64 encoding, authorized to access Azure Blob Storage. Required if not specifying an SAS Token. |
ASSET NAMESPACE |
| To assign an asset namespace to all events that are ingested from a particular feed, set the |