Chapter 10. Auditing listening endpoints


Red Hat Advanced Cluster Security for Kubernetes (RHACS) provides the ability to audit the processes that are listening on ports in your secured clusters and filter this data by deployment, namespace, or cluster.

You can view information about processes and ports that they are listening on by using the following methods:

  • In the RHACS web portal, go to Network Listening Endpoints.
  • Connect to the ListeningEndpointsService object in the API. For more information on the API, go to Help API reference in the RHACS web portal.

The page provides a list of processes by deployment, with the following information displayed for each process on the list:

  • Deployment name
  • Cluster
  • Namespace
  • Count, or the number of processes listening on the ports in the deployment

You can further filter the information displayed on the page by using the filter field and entering individual deployments, namespaces, and clusters.

Click the expand icon at the top of the list to expand all sections for all deployments listed, or click the expand icon on a single deployment line to view additional information about that deployment. The following information is provided:

  • Exec file path: Location of the process
  • PID: System ID of the process
  • Port: Port on which the process is listening
  • Protocol: Protocol in use by the process
  • Pod ID: Name of the pod where the process is contained
  • Container name: Name of the container in which the process that is listening is located

Clicking on a deployment name brings you to the Risk page in the RHACS web portal, where you can view information about the deployment, including risk indicators such as policy violations and additional deployment details.

Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.