Adrien Raffin enhanced the Kubernetes audit log parser in the SEKOIA-IO/intake-formats repository by introducing support for extracting usernames and groups from the impersonatedUser field, with a fallback to the user field when necessary. This update improved the accuracy of user attribution in audit logs, addressing ambiguity in impersonation events and strengthening security monitoring. Adrien maintained backward compatibility by ensuring the parser’s logic remained robust, preventing data gaps during ingestion. The work leveraged YAML for configuration and demonstrated skills in data ingestion and log parsing, ultimately enabling downstream analytics and alerting workflows to benefit from richer, more reliable audit data.