who_shelled_into_pod
Identify users who accessed a specific Kubernetes pod by name, namespace, and time range. Audit shell access events to enhance cluster security and monitor activity.
Instructions
Get users who shelled into a pod with the given name and namespace around the given time
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| cluster_id | No | Optional Cluster ID | |
| from_time | No | Start time of the time range to search for audit events. Example: 2024-01-01T00:00:00Z. Default: 7 days ago | |
| limit | No | Maximum number of results to return | |
| name | No | Optional Pod name | |
| namespace | No | Optional Pod namespace | |
| page | No | Page number to return | |
| to_time | No | End time of the time range to search for audit events. Example: 2024-01-03T00:00:00Z |
Input Schema (JSON Schema)
{
"$schema": "http://json-schema.org/draft-07/schema#",
"additionalProperties": false,
"properties": {
"cluster_id": {
"description": "Optional Cluster ID",
"type": "string"
},
"from_time": {
"description": "Start time of the time range to search for audit events. Example: 2024-01-01T00:00:00Z. Default: 7 days ago",
"type": "string"
},
"limit": {
"default": 20,
"description": "Maximum number of results to return",
"type": "number"
},
"name": {
"description": "Optional Pod name",
"type": "string"
},
"namespace": {
"description": "Optional Pod namespace",
"type": "string"
},
"page": {
"default": 1,
"description": "Page number to return",
"type": "number"
},
"to_time": {
"description": "End time of the time range to search for audit events. Example: 2024-01-03T00:00:00Z",
"type": "string"
}
},
"type": "object"
}