Using Enforcer for Audit Policy alerts

kubearmor / KubeArmor

Runtime Security Enforcement System. Workload hardening/sandboxing and implementing least-permissive policies made easy leveraging LSMs (BPF-LSM, AppArmor).

https://kubearmor.io/

Apache License 2.0

1.49k stars 342 forks source link

Using Enforcer for Audit Policy alerts #1477

Open Aryan-sharma11 opened 1 year ago

Aryan-sharma11 commented 1 year ago

Feature Request

Short Description

Currently, we have alerts from enforcer for Block events only, we should be able to use enforcer for audit events also

Describe the solution you'd like

Extension of issue #1277

Checklist:

[x] use BPFLSM, enforcer for Default posture audit alerts https://github.com/kubearmor/KubeArmor/pull/1492
[ ] use BPFLSM enforcer for Audit Policy alerts https://github.com/kubearmor/KubeArmor/pull/1644

Aryan-sharma11 commented 12 months ago

https://github.com/kubearmor/KubeArmor/pull/1492