Try our new research platform with insights from 80,000+ expert users
2023-07-16T14:23:00Z

Which datatypes should I prioritize when log monitoring Azure Kubernetes Service clusters?

Hi Community, 

I have recently been facing a challenge on what log to prioritize when monitoring AKS logs. This is purely because of the verboseness of AKS logs driving spikes in logging costs. 

Between AKS-audit and AKS-audit-admin logs is there one I could prioritize over the other? I understand that AKS-audit-admin has fewer logs than AKS-audit as it does not contain "list" and "get" requests. 

Your guidance on this will be highly appreciated.

CB
  • 2
  • 16
FollowingFollow
Share
PeerSpot user
Buyer's Guide
Azure Kubernetes Service (AKS)
October 2024
Get the report
Helped 816,192 peers since 2012
1

1 Answer

Anne Cubarrubia - PeerSpot reviewer
Real User
2023-08-17T17:18:13Z
Aug 17, 2023

Here are the datatypes you should prioritize when log monitoring Azure Kubernetes Service (AKS) clusters:



  • AKS-audit logs hold information about all Kubernetes API requests, including create, update, delete, and list requests. They are the most critical logs to monitor, as they can help you identify unauthorized access and other security threats.

  • AKS-audit-admin logs contain information about all administrative API requests, such as creating and deleting users and roles. This set of logs is less critical than AKS-audit logs, but it can still be helpful for troubleshooting and auditing.

  • Container logs hold information about the containers running in your AKS cluster, so they help troubleshoot issues with individual containers.

  • Node logs contain information about the nodes in your AKS cluster and can help troubleshoot issues with the nodes themselves.


If you are limited on resources, you can prioritize AKS-audit logs over AKS-audit-admin logs. However, monitoring both logs is vital to get a complete picture of activity in your AKS cluster.

Like(1)
Reply
CB
User
Aug 18, 2023

@Anne Cubarrubia Thanks for these

PeerSpot user
Buyer's Guide
Azure Kubernetes Service (AKS)
October 2024
Free Report: Azure Kubernetes Service (AKS) Reviews and More
Learn what your peers think about Azure Kubernetes Service (AKS). Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
DOWNLOAD NOW
816,192 professionals have used our research since 2012.
Search for a product comparison
Go!
Azure Kubernetes Service (AKS)
  • 36 Reviews
Azure Kubernetes Service (AKS) is a fully managed container orchestration service provided by Microsoft Azure. It simplifies the deployment, management, and scaling of containerized applications using Kubernetes. With AKS, developers can focus on building applications while Azure takes care of the underlying infrastructure. It offers features like automatic scaling, monitoring, and security, ensuring high availability and reliability. AKS integrates seamlessly with other Azure services,...
Download Azure Kubernetes Service (AKS) ReportRead more

Related Q&As

Aug 23, 2023
What are the differences between AKS and OpenShift?
Sep 13, 2024
What is your experience regarding pricing and costs for Azure Kubernetes Service (AKS)?