Control: 7.1.7 Ensure IBM Cloud Kubernetes Service clusters have the logging service enabled
Create a logging configuration to forward cluster and app logs to IBM Log Analysis with LogDNA. IBM Log Analysis with LogDNA offers administrators, DevOps teams, and developers advanced features to filter, search, and tail log data, define alerts, and design custom views to monitor application and system logs.
- Log in to IBM Cloud at https://cloud.ibm.com.
- Click Menu icon --> Resource list
- Select your cluster under Clusters to go to the details page.
- Select the Overview tab
- Under Logging, click Connect.
- Select the region and the IBM Log Analysis with LogDNA service instance that you want to use, and click Connect.
From Command Line:
- Install the IBM Cloud Kubernetes Service observability plug-in.
ibmcloud plugin install observe-service
- Create the LogDNA logging configuration.
ibmcloud ob logging config create --cluster <cluster_name_or_ID> --instance<LogDNA_instance_name_or_ID>
Run the control in your terminal:
steampipe check ibm_compliance.control.cis_v100_7_1_7
Snapshot and share results via Steampipe Cloud:
steampipe loginsteampipe check --share ibm_compliance.control.cis_v100_7_1_7
This control uses a named query:manual_control