Kubernetes Service Created with NodePort

Set up the kubernetes integration.

This page is not yet available in Spanish. We are working on its translation.
If you have any questions or feedback about our current translation project, feel free to reach out to us!

Goal

Detect when a service’s port is attached to the node’s IP.

Strategy

This rule monitors when a create (@http.method:create) action occurs for a service (@objectRef.resource:services) attaching the service’s port to the node’s IP @requestObject.spec.type:NodePort.

Exposing the service’s port to the the node’s IP allows other hosts on the network namespace to access this service.

Triage and response

Determine if the service needs to expose it’s network connection with NodePort access.

Changelog

  • 7 May 2024 - Updated detection query to include logs from Azure Kubernetes Service.
  • 16 July 2024 - Updated detection query to include logs from Google Kubernetes Engine.
PREVIEWING: mervebolat/span-id-preprocessing