kubesphere
Question for the Auditing Query
https://github.com/kubesphere/website/pull/354
KubeSphere Auditing Log system receives auditing logs only from KubeSphere by default, while it can also receive auditing logs from Kubernetes. Users can stop receiving auditing logs from KubeSphere by changing the value of auditing.enable in ConfigMap.
@wanjunlei @Sherlock113
-
There are two senders including KubeSphere and K8s, which can only turn on one of them but not both for receiving the auditing logs, right?
-
Why did you instruct users to disable receiving the auditing logs at the beginning of the guide without any prerequisite or background? I am confused about this question.
See the preview page.
One more question:
The event will be ignored, stored, or generate an alert based on different rules.
How to configure the alert and notification based on the rules in auditing logs settings?
To answer your questions:
Not sure about the first question, but for the second one:
This part is telling users how to disable the component through the command. This is just like the installation of KubeSphere. You execute those commands directly and that's all. The only prerequisite you have to know is you need to enable auditing logs. Otherwise, how can one possibly uninstall it if the component is not installed.
Both parts (Receiving Auditing Logs from KubeSphere and Receiving Auditing Logs Kubernetes) talk about how to disable it. I don't see any problem in doing so.
One more question:
The event will be ignored, stored, or generate an alert based on different rules.
How to configure the alert and notification based on the rules in auditing logs settings?
As for this one, is this the guide you are looking for?
One more question:
The event will be ignored, stored, or generate an alert based on different rules.
How to configure the alert and notification based on the rules in auditing logs settings?
As for this one, is this the guide you are looking for?
No