EFK Stack (Elasticsearch, Fluent-bit, Kibana) setup doesn't show Kubernetes fields

10/31/2018

I followed the document below and did the EFK Stack setup on my Kubernetes cluster.

https://medium.com/@jbsazon/aggregated-kubernetes-container-logs-with-fluent-bit-elasticsearch-and-kibana-5a9708c5dd9a

By default, fluent-bit is supposed to find all the Kubernetes fields and add them to each log entry. However, in my case I am not getting the Kubernetes fields. I am getting only the fields below.

@timestamp, _id, _index, _score, _type, log, stream

I can see the logs inside the fluent-bit container, and outside the container on the host under the "/var/log/containers" path with the symlinks.

Kube Version: 1.8

Fluent-bit configmap: https://raw.githubusercontent.com/fluent/fluent-bit-kubernetes-logging/master/output/elasticsearch/fluent-bit-configmap.yaml

-- karthikeayan
elasticsearch
fluent-bit
kibana
kubernetes

0 Answers