Getting logs from multiple containers in the same kubernetes pod

Follow
Avatar
Dan Finucane

We have a kubernetes pod that contains two containers.  We use the fluentd plugin to collect logs and send them to sumologic.  The problem we're having is that only the logs from one of the containers are sent to sumologic.  Can I configure fluentd or my pod to send logs from both containers?  Logs are written to stdout.

0

Comments

1 comment

Sort by Date Votes
  • Avatar
    Mohit Mehta

    Hello Dan,

    Yes, you can collect logs from multiple containers to sumo logic. You need to add an additional [INPUT] section in your rawConfig: |- section of values.yaml file:

    Below is the link which you can refer to get details about rawConfig: |- section.


    https://github.com/SumoLogic/sumologic-kubernetes-collection/blob/release-v1.0/deploy/helm/sumologic/values.yaml#L460

    You can add another section right after the below [INPUT] section:

    [INPUT]
      Name tail
      Path /var/log/containers/*.log
      Multiline On
      Parser_Firstline multi_line
      Tag containers.*
      Refresh_Interval 1
      Rotate_Wait 60
      Mem_Buf_Limit 5MB
      Skip_Long_Lines On
      DB /tail-db/tail-containers-state-sumo.db
      DB.Sync Normal

    For example, if you need to collect it from different Syslog logs which are there in a different cluster then your [INPUT] section will look like below:

    [INPUT]
        Name             tail
        Path             /var/log/syslog
        Multiline        On
        Parser_Firstline multi_line
        Tag              container.*
        Refresh_Interval 1
        Rotate_Wait      60
        Mem_Buf_Limit    5MB
        Skip_Long_Lines  On
        DB               /tail-db/tail-containers-state.db
        DB.Sync          Normal


    Path, Tag, and DB values will depend on your configuration.

    Hope this will help.

    Thanks,

    Mohit

    0
    Comment actions Permalink

Please sign in to leave a comment.

Didn't find what you were looking for?

New post