I have two pods running for a specific service. I want to get logs related to both the pods and check for specific text.
For that I used ,as described here:
kubectl logs -l app=my-app -c my-app-container --since=25m | grep -i "search-text" |wc -l
This does not output anything, even though there are matching text for search-text
Then tried with deployments
kubectl logs deployment/my-app-deployment -c my-app-container --since=90m | grep -i "search-text" |wc -l
How can I search for this specific string in all related pods?
kubectl logs my-pod-1 -c my-app-container --since=90m | grep -i "search-text" |wc -l
, this gives the proper count.
References :
Get all Logs from a specific container in a replica set <br> how to get logs of deployment from kubernetes
kubectl logs
is limited to viewing a single pod’s logs at a time. However, you can use the -l
flag to use a selector (label query) to filter on. For example:
kubectl logs -l app=nginx -l app=php
Use -c
flag if you need to see container logs. More supported flags and examples can be found here.
When you are able to see the logs from desired Pods/Containers it is time to use grep
to filter out the output. For example, I got some logs from a Pod:
~$ kubectl logs nginx-app-b8b875889-4nn52
/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf
10-listen-on-ipv6-by-default.sh: info: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf
/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
/docker-entrypoint.sh: Configuration complete; ready for start up
and I would like to only see lines with the word "configuration", so I execute:
$ kubectl logs nginx-app-b8b875889-4nn52 | grep configuration
/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
or if I would like to count lines with the word "info" than:
$ kubectl logs nginx-app-b8b875889-4nn52 | grep info |wc -l
2
More details can be found in the grep manual. Bear in mind that if you don't specify arguments like --since=
or --tail=
and the Pod your are trying to view logs from is running for some longer period of time the results may be misleading.
Normally, I would also suggest to use 3rd party tools like Stern or Kubetail which are more powerful than simple kubectl logs
but in your use case combining both:
kubectl logs -l
and:
| grep
is the way to go.
EDIT:
Also make sure you are greping from the proper resources. From your question it seems that you run kubectl logs deployment/my-app-deployment
and than kubectl logs my-pod-1 -c my-app-container
which does not correspond to the my-app-deployment
deployment. List all deployments, pods and labels to be confident that you check the right resource. Use:
kubectl get deploy,pods --show-labels