Audit events

The Audits pages shows audit events in the detected in the Cisco Panoptica server. There are tabs that show events detected in Kubernetes clusters (Kubernetes audits) and events in the Panoptica server itself (Panoptica audits).

Kubernetes audits

The Kubernetes Audits tab shows audit events in your Kubernetes clusters, as detected by the Cluster Event Policy rules.

You can filter the view to show events for specific resources, actions, users, clusters, and namespaces. The view shows the Runtime Policy rule that detected the event and the action taken by the rule (allow, block, detect).


Panoptica Audit events

The Audits tab shows events performed on the Panoptica server by the user (such as new or modified rules).