In-person + Virtual
16 -20 May
Learn More and Register to Attend

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon Europe 2022 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Central European Summer Time (UTC +2). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.
Back To Schedule
Friday, May 20 • 11:00 - 11:35
Threat Hunting at Scale: Auditing Thousands of Clusters With Falco + Fluent - Furkan Türkal & Emin Aktaş, Trendyol

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.

At Trendyol, we are running thousands of production-grade Kubernetes clusters to make our customers always happy. The challenge that we have to achieve is to track every component, resource, user, and team in a timeline manner. This is where we have to collect audit events from almost everywhere! Kubernetes audit logs can effectively track the changes made to our clusters. By using Falco, we consume the kernel events and enrich those events with information from Kubernetes. Enabling Kubernetes Audit Logs feature allows us to scan audit events that forwarded from Kubernetes. By using Fluent Bit, we collect logs from different sources such as containers and Falco; furthermore, we extend them with filters, and send them to multiple destinations. By using Loki, we build a highly-available log aggregation system. We create and manage all of our alerting rules for the log data. In this session, we try to combine pieces and introduce a brand new Audit Monitoring System!

Click here to view captioning/translation in the MeetingPlay platform!

avatar for Furkan Türkal

Furkan Türkal

Platform Engineer, Trendyol
He likes to design and implement new tech stacks with a deep focus on distributed and low-level systems. Interested in contributing to open source projects, communities and project management. Strong interest in CNCF world! Recently, he has been doing research on Supply Chain Security... Read More →
avatar for Emin Aktaş

Emin Aktaş

Platform Engineer, Trendyol
Emin is a man who loves target-driven, versatile and cares about innovative ideas. He enjoys process management and communication. He never hesitates to share his experience on Medium. Not only that, he strongly interested in combination of fields of mechanics, hardware and software... Read More →

Friday May 20, 2022 11:00 - 11:35 CEST
Viewable In Platform Feria Valencia