Skip to main content

Overview

The kguardian Broker exposes a REST API for querying collected telemetry data. The CLI uses this API internally, but you can also integrate directly with it for custom workflows.

Base URL

http://kguardian-broker.kguardian.svc.cluster.local:9090
For external access, use port-forwarding: 
kubectl port-forward -n kguardian svc/kguardian-broker 9090:9090

Authentication

The current version (v1.0.0) has no authentication. The API should only be accessible within the cluster network. For production deployments, consider using NetworkPolicies, service mesh, or an API gateway with authentication.

API Endpoints

Pods

Add and retrieve pod metadata

Traffic

Query network traffic data

Syscalls

Retrieve syscall observations

Services

Service IP to metadata mapping

Response Format

All responses are JSON with standard HTTP status codes:
  • 200 OK - Success
  • 400 Bad Request - Invalid parameters
  • 404 Not Found - Resource not found
  • 500 Internal Server Error - Server error

Common Patterns

Pagination

Currently not supported. All matching records are returned.

Filtering

Some endpoints support filtering by namespace, pod name, or time range (coming soon).

Rate Limiting

No rate limiting is currently enforced.