API endpoints logging constraints¶
With regard to audit logging, for reasons having to do with system security a number of MKE API endpoints are either ignored or have their information redacted.
API endpoints ignored¶
The following API endpoints are ignored since they are not considered security events and can create a large amount of log entries:
/_ping
/ca
/auth
/trustedregistryca
/kubeauth
/metrics
/info
/version\*
/debug
/openid_keys
/apidocs
/kubernetesdocs
/manage
API endpoints information redacted¶
For security purposes, information for the following API endpoints is redacted from the audit logs:
/secrets/create
(POST)/secrets/{id}/update
(POST)/swarm/join
(POST)/swarm/update
(POST) -/auth/login
(POST)Kubernetes secrets create/update endpoints
See also