To search for Kubernetes policy rule violations (alerts), perform the following procedure.


  1. On the left navigation pane, click Alerts.
  2. Search and filter for Kubernetes violations using the filters in the left pane and the Search text box. For help constructing a query, see the in-product Search Guide.
    • You can define search results by time.
    • The Alerts page offers four ways to filter alerts for Containers and Kubernetes:
      • K8s Cluster
      • K8s Namespace
      • K8s Workload
      • K8s Policy

      You can combine filters to achieve a particular result.

    • Click the vertical 3-dot Configuration menu to configure the filters that display in the console.
    • Alerts with Monitor action rules are not visible by default. They are part of the Other Activity > Observed filter category.
    • You can exclude search results by clicking the Exclude icon to the right of a filter value. For example:

      Excluded alerts based on filter setting

    Example search results table:

    Example Kubernetes alerts search result table