Kubernetes Pod Created with hostNetwork
Incident Management is now generally available! Incident Management is now generally available!
<  Back to rules search

Kubernetes Pod Created with hostNetwork

kubernetes

Set up the kubernetes integration.

Overview

Goal

Detect when a pod is attached to the host network.

Strategy

This rule monitors when a create (@http.method:create) action occurs for a pod (@objectRef.resource:pods) with the host network @requestObject.spec.hostNetwork:true attached.

Attaching the hostNetwork permits a pod to access the node’s network adapter allowing a pod to listen to all network traffic for all pods on the node and communicate with other pods on the network namespace.

Triage & Response

  1. Determine if the pod needs hostNetwork access.