As EKS is a managed AWS Kubernetes service, we can NOT install Elastic agents (FileBeat, MetricBeat, etc.) on a EKS control pane.
Would you help me for the best way to collect control plane logging and metrics, and index them into Elasticsearch?
I know Amazon EKS control plane logging provides audit and diagnostic logs directly from the Amazon EKS control plane to CloudWatch Logs in my AWS account.
I guess we can pull logs from CloudWatch into Elasticsearch. But I don't think this is the best approach because the index may not compliant with Elastic Common Schema (ECS) . Also, there are additional cost in utilizing CloudWatch logging.
Therefore, I wonder if there is a better way to directly collect control plane logging and metrics from Kubernetes system to Elasticsearch.