Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
'This query determines the cluster-admin role assigned to users and applied to resources across the entire cluster .
| Attribute | Value |
|---|---|
| Type | Hunting Query |
| Solution | Azure kubernetes Service |
| ID | c3ac03d5-dbf2-49ab-a2de-83396a20a5fb |
| Severity | Medium |
| Tactics | Persistence |
| Techniques | T1098 |
| Required Connectors | AzureKubernetes |
| Source | View on GitHub |
This content item queries data from the following tables:
| Table | Selection Criteria | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|---|
AzureDiagnostics 🔶 |
Category == "kube-audit"Resource == "ClusterRoleBinding" |
? | ✗ | ? |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
↑ Back to Hunting Queries · Back to Azure kubernetes Service