Events
When resources are blocked due to enforced validation failure action in the Kubernetes clusters, Kyverno policies generate events on them. As an admin, you can view those events for all blocked resources with the details such as cluster, namespace, policy name, rule, last seen, and so on. These events will enable the admin to take necessary actions to unblock resources in clusters.
NOTE:
a) Events are generated for only those clusters that are on a stable Kyverno release version 1.7.0 and later.
b) Events for blocked resources are stored for 7 days.
To view the events for blocked resources:
- Go to Menu>Monitor>Events. The Events page with the details on blocked resources is displayed.
The following table explains what details are displayed in each column:
| Column Name | Description |
|---|---|
| Cluster | This value displays the cluster name on which the event appears. You can click the cluster name to view the cluster details. |
| Namespace | This value displays the namespace of the cluster. You can click the namespace link to view the namespace details. |
| Resource Kind | This value is the concrete representation of resource type. This is the target object on which the event has occurred. |
| Resource Name | This value is the concrete representation of the resource name. This is the target object on which the event has occurred. |
| Policy Name | This value displays the policy name on which the event is generated for blocked resources. You can click the policy name to view the deployed policy. |
| Policy Kind | This value displays the kind of policy on which the event for blocked resources is generated. There are two values for this column: Cluster Policy (Cluster) and Policy (Namespace). |
| Rule | This value displays the policy rule on which the event is generated. |
| Message | This value displays the path that is applicable for the events from Cluster to Rule and then the message. It also displays the error on the events generated, |
| Last Seen | This value displays the time stamp for every event. |
| Reason | This value displays the reason for the event generated, for example, policy violation. |
| Type | This value displays the type of blocked events such as warning. The following are the Color indicators in this value: Yellow - indicates warning messages. Grey - Indicates the normal message. |
| Count | This value displays the number of times the event is triggered. |
-
Click on the cluster. The cluster details page is displayed as a sliding window. This page is divided into three sections: Summary, Message, and Resource.
The following table explains the display elements in each section:
Column Name Description Summary Rule This value displays the policy rule on which the event is generated. Count This value displays the number of times the event is triggered. Reason This value displays the reason for the event generated, for example, policy violation. Last Seen This value displays the last seen time stamp for the event. First Seen This value displays the time stamp for the event. Type This value displays the type of blocked events such as warning. The following are the Color indicators in this value: Yellow - indicates warning messages. Grey - Indicates the normal message. Message This value displays the path that is applicable for the events from Cluster to Rule and then the message. It also displays the error on the events generated. Resource Cluster This value displays the cluster name on which the event appears. Namespace This value displays the namespace of the cluster. Resource Kind This value is the concrete representation of resource type. This is the target object on which the event has occurred. Resource Name This value is the concrete representation of the resource name. This is the target object on which the event has occurred. Policy This value displays the policy name on which the event is generated for blocked resources. -
Go to Quick Filter>Add a Filter to add a filter for the event. A list of available filters such as Cluster, Namespace, Resource Kind, Resource Name, Policy Name, Policy Kind, Rule, Message, Reason and Type are displayed. Select the filter value, for example: Message and add the keyword (blocked) to filter events, and then click Apply. This will display only those events that are blocked. Or Click on the filter tabs such as Blocked Resources, Deployments, Pods, Violations, Cluster Policy, and Namespace Policy to see the relevant events.