Set up the kubernetes integration.
Detect when a user is creating a pod in one of the Kubernetes default namespaces.
This rule monitors when a create (
@http.method:create) action occurs for a pod (
@objectRef.resource:pods) within either of the
The only users creating pods in the
kube-system namespace should be cluster administrators. Furthermore, it is best practice to not run any cluster critical infrastructure in the
kube-public namespace is intended for Kubernetes objects which should be readable by unauthenticated users. Thus, a pod should likely not be created in the