Docker logs being written to file

I'm testing the auditbeat docker image using the kubernetes manifest linked from here:

It appears the auditbeat logs are being written to a file, /usr/share/auditbeat/logs/auditbeat

Filebeat/metricbeat docker images write to stdout, so are available using kubectl logs <image>

The manifest is missing an arguement, "-e", to send the logs to stdout.

        args: [
          "-c", "/etc/auditbeat.yml", "-e"

Says to logs bugs here before creating an issue.

Thanks for following the procedure and reporting the issue here first :smile:. Would you be able to open a PR to fix this file and then run make from the deploy/kubernetes dir to update the generated auditbeat-kubernetes.yaml? Otherwise please open a new issue on Github as this is definitely bug.

Thanks. Pull request done, I think

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.