Version-1.0
cr.yandex/sol/cilium-s3:1
cr.yandex/sol/cilium-s3-chart:0.1.0
Connects via gRPC to hubble-relay and sends netflow events to Object Storage Then you can pick up these events from Object Storage to any SIEM using GeeseFS or other aws compatible plugins
Or using prepared Object Storage integrations in the following SIEMs:
Install helm hart by replacing the values with your own (specified in the prerequisites)
helm install cilium-s3-chart oci://cr.yandex/sol/cilium-s3-chart --version 0.1.0 --namespace cilium-s3 --create-namespace \
--set yandex.secretaccesskey=<your-secretaccesskey> \
--set yandex.bucket=<your-Bucket-name> \
--set yandex.accesskeyid=<your-accesskeyid> \
--set yandex.prefix=<your-secretaccesskey> (например:k8s-cilium-flow-logs/cluster-id-1232145gfg)
Helm values:
yandex:
- accesskeyid: "" # yandex access key
- secretaccesskey: "" # yandex secret access key
- bucket: "" # Yandex storage, bucket name
- hubble_url: "hubble-relay.kube-system.svc.cluster.local:80" # Hubble-url
- prefix: "k8s-cilium-flow-logs/" # Prefix of bucket folder
- region: "ru-central1" # region of S3
- endpoint: "https://storage.yandexcloud.net" # endpoint of S3