Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
Reference for AWSEKSLogs table in Azure Monitor Logs.
| Attribute | Value |
|---|---|
| Category | AWS |
| Basic Logs Eligible | ✓ Yes |
| Ingestion API Supported | ✗ No |
| Azure Monitor Tables Reference | View Documentation |
Source: Azure Monitor documentation
| Column Name | Type | Description |
|---|---|---|
| _BilledSize | real | The record size in bytes |
| _IsBillable | string | Specifies whether ingesting the data is billable. When _IsBillable is false ingestion isn't billed to your Azure account |
| AuthDecision | string | The authorization decision made by the Kubernetes RBAC system (e.g., allow, forbid). |
| AwsAccountId | string | The AWS account ID where the EKS cluster is located. |
| ClusterName | string | The name of the EKS cluster that generated the audit event. |
| ObjectRef | string | Reference to the Kubernetes object that was accessed (namespace/resource/name). |
| RawEvent | dynamic | The complete raw EKS audit event data containing additional context and metadata. |
| Region | string | The AWS region where the EKS cluster is located. |
| ResponseCode | int | The HTTP response status code of the API request. |
| SourceIPs | dynamic | Array of source IP addresses from where the request originated. |
| SourceSystem | string | The type of agent the event was collected by. For example, OpsManager for Windows agent, either direct connect or Operations Manager, Linux for all Linux agents, or Azure for Azure Diagnostics |
| Stage | string | The stage of request processing when the audit event was generated (e.g., RequestReceived, ResponseComplete). |
| TenantId | string | The Log Analytics workspace ID |
| TimeGenerated | datetime | The timestamp (UTC) when the EKS audit event was generated. |
| Type | string | The name of the table |
| User | string | The user or service account that performed the action. |
| UserAgent | string | The user agent string of the client that made the request. |
| Verb | string | The Kubernetes API verb (action) performed (e.g., get, create, update, delete). |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊