You can observe your Kubernetes clusters activity by using the interactive network map. You can select the map's focus — ingress channel, egress group, namespace, or workload.

Procedure

  1. On the left navigation pane, do one of the following depending on your system configuration and role:
    • If you have the Kubernetes Security DevOps or SecOps role and your system has only the Container security feature, click Inventory > Network.
    • If you have any other role and your system has Container security and other Carbon Black Cloud features, click Inventory > Kubernetes > Network.
  2. On the Overview tab, select the cluster to monitor and click View map.
    View map option on the Kubernetes > Network page
    • The Network Map tab becomes active and loads the data for the selected cluster.

      Network map image

    • The left side of the map shows the ingress resources that are available for the cluster — NodePort services, Load Balancer services, or all. To filter the map for a specific ingress resource, select the graphical element on the left of the page for that ingress resource; for example, LoadBalancers.
    • The right side of the map shows the egress groups. To filter the map for a specific egress group, select the graphical element for that group; for example, Public.
    • To review the cluster details, the Carbon Black Cloud Kubernetes sensor version, and the resources allocated to the cluster, see the cluster details panel to the right of the map.

      Example of a cluster details pane to the right of the Kubernetes network map

    • Connection colors in the map indicate whether the connection is ingress, egress, between namespaces, or internal for a namespace. If you click a connection, its network connection details display to the right of the map. A color legend at the bottom left of the map defines each color connection.
  3. To change the default map settings, click Manage map settings and toggle settings ON or OFF.

    For example, to better analyze your Kubernetes network exposure to risk, you can filter out the encrypted connections and observe only the unencrypted ones.

    • Toggle View encrypted connections OFF.
    • Toggle View unencrypted connections ON.
    Only the unencrypted connections stay visible on the network map for easier investigation.