Getting logs from multiple containers in the same kubernetes pod

Follow

Dan Finucane

• July 15, 2020 23:18

We have a kubernetes pod that contains two containers.  We use the fluentd plugin to collect logs and send them to sumologic.  The problem we're having is that only the logs from one of the containers are sent to sumologic.  Can I configure fluentd or my pod to send logs from both containers?  Logs are written to stdout.

0

• 

  Mohit Mehta

  • July 16, 2020 01:34

  Hello Dan,
  
  Yes, you can collect logs from multiple containers to sumo logic. You need to add an additional [INPUT] section in your rawConfig: |- section of values.yaml file:
  

  Below is the link which you can refer to get details about rawConfig: |- section.

  
  https://github.com/SumoLogic/sumologic-kubernetes-collection/blob/release-v1.0/deploy/helm/sumologic/values.yaml#L460
  
  You can add another section right after the below [INPUT] section:
  
  

  [INPUT]
  	Name tail
  	Path /var/log/containers/*.log
  	Multiline On
  	Parser_Firstline multi_line
  	Tag containers.*
  	Refresh_Interval 1
  	Rotate_Wait 60
  	Mem_Buf_Limit 5MB
  	Skip_Long_Lines On
  	DB /tail-db/tail-containers-state-sumo.db
  	DB.Sync Normal

  For example, if you need to collect it from different Syslog logs which are there in a different cluster then your [INPUT] section will look like below:
  
  [INPUT]
      Name             tail
      Path             /var/log/syslog
      Multiline        On
      Parser_Firstline multi_line
      Tag              container.*
      Refresh_Interval 1
      Rotate_Wait      60
      Mem_Buf_Limit    5MB
      Skip_Long_Lines  On
      DB               /tail-db/tail-containers-state.db
      DB.Sync          Normal
  
  
  Path, Tag, and DB values will depend on your configuration.

  Hope this will help.

  Thanks,

  Mohit

  0

  Comment actions Permalink

Please sign in to leave a comment.