Outcold Solutions - Monitoring Kubernetes, OpenShift and Docker in Splunk

Monitoring Docker, OpenShift and Kubernetes - Version 5.14 - containerd, templates for indexes and sources

Placeholders in indexes and sources

You can apply dynamic index names in the configurations to forward logs or stats to a specific index based on the meta fields. For example, you can define an index as:

[input.files]
index = oc_{{openshift_namespace}}

Similarly, you can build the source of all forwarded logs from meta fields:

[input.files]
source = /{{openshift_namespace}}/{{::coalesce(openshift_daemonset_name, openshift_deployment_name, openshift_statefulset_name, openshift_cronjob_name, openshift_job_name, openshift_replicaset_name, openshift_pod_name)}}/{{openshift_pod_name}}/{{openshift_container_name}}
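To preview what the two templates above resolve to before rolling them out, the following added sketch (not Collectord code and not part of the original post) expands them against constructed meta fields and lists the index names to check against the indexes defined in Splunk. It assumes `coalesce` returns the first field that is set and non-empty, and it deliberately treats an unset field as an error; `render` and `required_indexes` are hypothetical helper names.

```python
import re

# Templates copied from the page's [input.files] examples.
INDEX_TEMPLATE = "oc_{{openshift_namespace}}"
SOURCE_TEMPLATE = (
    "/{{openshift_namespace}}/{{::coalesce(openshift_daemonset_name, "
    "openshift_deployment_name, openshift_statefulset_name, openshift_cronjob_name, "
    "openshift_job_name, openshift_replicaset_name, openshift_pod_name)}}"
    "/{{openshift_pod_name}}/{{openshift_container_name}}"
)
PLACEHOLDER = re.compile(r"\{\{(.*?)\}\}")
COALESCE = re.compile(r"::coalesce\((.*)\)")

def render(template, fields):
    """Expand {{field}} and {{::coalesce(a, b, ...)}} against one event's meta fields."""
    def expand(match):
        expr = match.group(1).strip()
        call = COALESCE.fullmatch(expr)
        if call:
            # Assumption: coalesce yields the first field that is set and non-empty.
            names = [n.strip() for n in call.group(1).split(",")]
            for name in names:
                if fields.get(name):
                    return fields[name]
            raise KeyError(f"no field set among: {names}")
        if not fields.get(expr):
            # Fail loudly so an incomplete index or source name is caught early.
            raise KeyError(f"meta field not set: {expr}")
        return fields[expr]
    return PLACEHOLDER.sub(expand, template)

def required_indexes(events):
    """Distinct index names the template produces for the given events."""
    return sorted({render(INDEX_TEMPLATE, e) for e in events})

# Constructed sample meta fields (not taken from a real cluster).
SAMPLE_EVENTS = [
    {"openshift_namespace": "payments", "openshift_deployment_name": "api",
     "openshift_replicaset_name": "api-5d9c7b", "openshift_pod_name": "api-5d9c7b-x2k4p",
     "openshift_container_name": "web"},
    {"openshift_namespace": "batch", "openshift_pod_name": "standalone",
     "openshift_container_name": "worker"},
]

if __name__ == "__main__":
    for event in SAMPLE_EVENTS:
        print(render(INDEX_TEMPLATE, event), render(SOURCE_TEMPLATE, event))
```
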

Support for containerd runtime

Collectord now supports Docker, CRI-O, and containerd runtimes for Kubernetes and OpenShift. Make sure to download the latest configuration for Kubernetes to be able to use the containerd runtime. New volumes have been added to reference the containerd unix socket.

Exclude fields from forwarded events

To reduce the number of fields forwarded with every event, you can list the fields to exclude:

[output.splunk]
excludeFields.openshift_pod_ip = true

Logs dashboard improvement

All filters also affect drop-downs in other fields. For example, selecting a cluster will filter suggestions for Pods only from the selected cluster.

You can find more information about other minor updates by following the links below.

Release notes

Upgrade instructions

Installation instructions

