Skip to main content
Run any Skill in Manus
with one click

analyzing-kubernetes-audit-logs

Stars1
Forks0
UpdatedJune 11, 2026 at 20:28

Parses Kubernetes API server audit logs (JSON lines) to detect exec-into-pod, secret access, RBAC modifications, privileged pod creation, and anonymous API access. Builds threat detection rules from audit event patterns. Use when investigating Kubernetes cluster compromise or building k8s-specific SIEM detection rules.

Installation

Install with Codex or Claude Copy this prompt, paste it into Codex, Claude, or another assistant, and let it review the skill page and install it for you.

File Explorer
4 files
SKILL.md
readonly