Skip to main content
Calico Cloud documentation

Policy audit report

To create a Policy Audit report, create a GlobalReport with the reportType set to policy-audit.

The following sample command creates a GlobalReport that results in a daily policy audit report for policies that are applied to endpoints in the public namespace.

kubectl apply -f - << EOF
apiVersion: projectcalico.org/v3
kind: GlobalReport
metadata:
name: daily-public-policy-audit-report
labels:
deployment: production
spec:
reportType: policy-audit
endpoints:
namespaces:
names:
- public
schedule: 0 0 * * *
EOF

Downloadable reports

summary.csv

A summary CSV file that includes details about the report parameters and the top level counts.

HeadingDescriptionFormat
startTimeThe report interval start time.RFC3339 string
endTimeThe report interval end time.RFC3339 string
endpointSelectorThe endpoint selector used to restrict in-scope endpoints by endpoint label selection.selector string
namespaceNamesThe set of namespace names used to restrict in-scope endpoints by namespace.";" separated list of namespace names
namespaceSelectorThe namespace selector used to restrict in-scope endpoints by namespace label selection.selector string
serviceAccountNamesThe set of service account names used to restrict in-scope endpoints by service account.";" separated list of service account names
serviceAccountSelectorsThe service account selector used to restrict in-scope endpoints by service account label selection.selector string
numCreatedPoliciesThe number of policies that apply to in-scope endpoints that were created during the report interval.number
numModifiedPoliciesThe number of policies that apply to in-scope endpoints that were modified during the report interval.number
numDeletedPoliciesThe number of policies that apply to in-scope endpoints that were deleted during the report interval.number

events.json

Events formatted in JSON.

events.yaml

Events formatted in YAML.