KALT is a Kubernetes Audit Logs Toolkit. It alows analyzing Kubernetes audit.log files.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for florentflament from gravatar.com florentflament

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: GNU General Public License v3 (GPLv3)
  • Author: Florent Flament
  • Tags Kubernetes , audit , audit.log , k8s , log
  • Requires: Python >=3
Classifiers
Report project as malware

Project description

KALT stands for Kubernetes Audit Logs Toolkit

A tool to analyse existing audit.log files, possibly helping to write meaningful audit_policy.yml.

Install

$ pip install pykalt

Usage

$ kalt -f 'objectRef.resource!=leases' -k user.username -k verb -k objectRef.resource -l 10 audit-*
user.username                                                verb    objectRef.resource      count    percent
-----------------------------------------------------------  ------  --------------------  -------  ---------
ncp                                                          update  nsxlocks                 8395      13.77
system:apiserver                                             get     endpoints                5047       8.28
system:apiserver                                             get     endpointslices           5047       8.28
kubelet                                                      get     nodes                    4946       8.11
system:serviceaccount:kube-system:resourcequota-controller   get                              3364       5.52
system:serviceaccount:kube-system:generic-garbage-collector  get                              3364       5.52
system:serviceaccount:kube-system:metrics-server             create  subjectaccessreviews     1728       2.83
kubelet                                                      watch   configmaps               1132       1.86
kubelet                                                      watch   secrets                   892       1.46
kubelet                                                      list    nodes                     840       1.38

Events count: 60957 (14.96% of 407338 events)
Period: 14.02 hours from 2025-05-22 17:22:43 to 2025-05-23 07:23:53

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for florentflament from gravatar.com florentflament

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: GNU General Public License v3 (GPLv3)
  • Author: Florent Flament
  • Tags Kubernetes , audit , audit.log , k8s , log
  • Requires: Python >=3
Classifiers

Release history Release notifications | RSS feed

1.5

1.4

1.3

1.2

This version

1.1

1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pykalt-1.1.tar.gz (15.6 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

pykalt-1.1-py3-none-any.whl (16.4 kB view details)

Uploaded Python 3

File details

Details for the file pykalt-1.1.tar.gz.

File metadata

  • Download URL: pykalt-1.1.tar.gz
  • Upload date:
  • Size: 15.6 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.1.0 CPython/3.13.3

File hashes

Hashes for pykalt-1.1.tar.gz
Algorithm Hash digest
SHA256 ecd112f1a1cb67c49ed7f661263b2dc71b64b11ec37e0e5c6187d6a1d6b7961f
MD5 530c33e5717d3a0936d881538bfcc38e
BLAKE2b-256 990cbd1092971627d7409c8bf1cd67776ec5b2f2fbb093fb92a1f501107ea2f1

See more details on using hashes here.

File details

Details for the file pykalt-1.1-py3-none-any.whl.

File metadata

  • Download URL: pykalt-1.1-py3-none-any.whl
  • Upload date:
  • Size: 16.4 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.1.0 CPython/3.13.3

File hashes

Hashes for pykalt-1.1-py3-none-any.whl
Algorithm Hash digest
SHA256 53e846d188a1e95859ae919ad88b5dacbfcf2400efdf3b577e88c6858e2e5f1f
MD5 3982f9fc1b7a7a2a8b76be04c2938ea1
BLAKE2b-256 fd9fa7695455ba550fcff41d636d646b9cc5cf45fab49b1ffa806a655e47041f

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page