K
Q

Kubernetes event logs to elasticsearch

1/25/2021

I'm trying to forward kubernetes-event logs to elasticsearch using fluentd.I currently use fluent/fluentd-kubernetes-daemonset:v1.10.1-debian-elasticsearch7-1.0as container image to forward my application logs to elasticsearch cluster.I've searched enough & my problem is that this image doesn't have enough documentation as to accomplishing this task(i.e; forward kubernetes event related logs).

I've found this plugin from splunk which has desired output but this has overhead like :

  • add above plugin's gem to bundler.

  • install essential tools like make etc.

  • install the plugin .

Sure I can do above steps using init-container, but above operations are adding ~200MB to disk space .I'd like to know if it can be accomplished with smaller footprint or other way.

Any help is appreciated.

Thanks.

-- YoganA
elasticsearch
fluentd
kubernetes

Similar Questions

What is the relation between Rancher environment and K8S cluster? Rancher host and K8S node?
Failed to scale nodes, forbidden system:serviceaccount:kube-system:cluster-autoscaler kubernetes
How to exec into a container and view file if container is in CrashLoopBackOff state
Kubernetes outage, pods just vanished, refused to start
Deploy HPA (Horizontal Pod Autoscaler) based custom metric (http request)?

1 Answer

1/25/2021

You can try this: https://github.com/opsgenie/kubernetes-event-exporter

It is able to export Kube events to Elasticsearch.

-- Vasili Angapov
Source: StackOverflow