Kubernetes Auditing log source parameters

When you add a Kubernetes Auditing log source on the QRadar Console by using the Syslog protocol, there are specific parameters you must use.

The following table describes the parameters that require specific values to collect Syslog events from Kubernetes Auditing:
Table 1. Kubernetes Auditing Syslog log source parameters for the Kubernetes Auditing DSM
Parameter Value
Log Source type Kubernetes Auditing
Protocol Configuration Syslog
Log Source Identifier IP address or host name