The presence of a username or service account related to Kubernetes as a field in the process execution is particularly important from a security perspective. Currently, we achieve this by correlating Tetragon events with Kubernetes API logs, which is a cumbersome process due to various issues such as delays and time drifts.
When an execution occurs, it is highly valuable to know exactly which user performed the action. It appears that such a feature has not yet been implemented in Tetragon for Kubernetes. Although I understand that this is not a simple task and has its own challenges, do you have any suggestions? Or is adding this feature in your roadmap?
Regards.
Describe your proposed solution
No response
Code of Conduct
[x] I agree to follow this project's Code of Conduct
Is there an existing issue for this?
Is your feature request related to a problem?
No response
Describe the feature you would like
Hello,
The presence of a username or service account related to Kubernetes as a field in the process execution is particularly important from a security perspective. Currently, we achieve this by correlating Tetragon events with Kubernetes API logs, which is a cumbersome process due to various issues such as delays and time drifts.
When an execution occurs, it is highly valuable to know exactly which user performed the action. It appears that such a feature has not yet been implemented in Tetragon for Kubernetes. Although I understand that this is not a simple task and has its own challenges, do you have any suggestions? Or is adding this feature in your roadmap?
Regards.
Describe your proposed solution
No response
Code of Conduct