K
Q

How to create indices based on kubernetes metadata

11/27/2019

I am using filebeat in Kubernetes to ship logs to elastic search. I want to create indexes based on namespaces. I'm trying to create a custom index for my different apps in a Kubernetes cluster, but this not working. I used below conf:-

output.elasticsearch: index: "%{[kubernetes.labels.app]:filebeat}-%{[beat.version]}-%{+yyyy.MM.dd}"

Filebeat Kube-manifest link- https://github.com/anup1384/k8s-filebeat

-- Anup
amazon-eks
elasticsearch
filebeat
kubernetes
logging

Similar Questions

Equivalents of Nginx Ingress Annonations on IstIO Ingress Gateway
Is there a way to create a configMap containing multiple files for a Kubernetes Pod?
The Pod address range limits the maximum size of the cluster
How to delete replication controller and its pods in kubernetes?
cgroups: cgroup mountpoint does not exist: unknown in gitlab Kubernetes executor

1 Answer

11/27/2019

Use elasticsearch output as given below in filebeat configmap

output.elasticsearch:
  index: "%{[kubernetes.namespace]:filebeat}-%{[beat.version]}-%{+yyyy.MM.dd}"
-- P Ekambaram
Source: StackOverflow