HomeCKS practice tasks › Configure API Server Audit Logging
CKS · Monitoring, Logging and Runtime Security

Configure API Server Audit Logging

Audit logging is not correctly configured on the API server.

Solve this on a real cluster — free → All CKS tasks
🗓️ Free Task of the Week: one CKS task is unlocked free for everyone every week — no card, real cluster, auto-graded (2 tries/week). Create a free account and check whether this one is live now.

The task

Task

Audit logging is not correctly configured on the API server.

Requirements

  1. Reconfigure the API server to use the provided base audit policy file at /etc/kubernetes/audit-policy.yaml
  2. Configure audit log retention so that the API server keeps a maximum of 2 audit log files
  3. Set the audit log path to /var/log/kubernetes/audit.log

Verify that the API server starts correctly.

Exam
CKS
Domain
Monitoring, Logging and Runtime Security
Grading
Programmatic · partial credit
Reference
Kubernetes docs ↗

What this tests

Detect threats at runtime with Falco, behavioral analytics, and audit logging. On the CKS exam, Monitoring, Logging and Runtime Security tasks are graded purely on what you build in the cluster — not multiple choice — so the only way to get faster is to do them on a real cluster against a clock.

Practice it for real

prepium.sh drops you into your own isolated Kubernetes cluster in the browser — no install, no credit card. You solve the task in a real terminal, hit validate, and a programmatic checker scores exactly what you got right and wrong (with partial credit). The canonical solution unlocks after you attempt it, so you learn the fast, exam-ready way to do it.

Start free → CKS overview

Related CKS tasks

Detect and Stop a Pod Accessing /dev/mem