I have eck installed on my aws eks cluster, along with elastic agents managed by fleet. After adding the kuberentes integration and attaching the kubernetes package policy to the agent policy. (following this doc -Configuration | Elastic Cloud on Kubernetes [2.2] | Elastic)
I can see in the dashboard that it collects metrics under the metrics-* index for my kubernetes nodes, However it is not fetching logs under the logs-* index for my kubernetes nodes. I've attempted to search for obvious things and the returned results is always empty.
apiVersion: kibana.k8s.elastic.co/v1
kind: Kibana
metadata:
name: kibana-prod
namespace: elastic-system
spec:
version: 8.2.0
count: 1
elasticsearchRef:
name: elasticsearch-prod
http:
service:
spec:
type: NodePort
podTemplate:
spec:
containers:
- name: kibana
resources:
limits:
memory: 2Gi
cpu: 1
nodeSelector:
geeiq/node-type: ops
config:
xpack.fleet.agents.elasticsearch.hosts: ["https://elasticsearch-prod-es-http.elastic-system.svc:9200"]
xpack.fleet.agents.fleet_server.hosts: ["https://fleet-server-agent-http.elastic-system.svc:8220"]
xpack.fleet.packages:
- name: system
version: latest
- name: elastic_agent
version: latest
- name: fleet_server
version: latest
- name: kubernetes
version: 1.17.2
xpack.fleet.agentPolicies:
- name: Fleet Server on ECK policy
id: eck-fleet-server
is_default_fleet_server: true
namespace: default
monitoring_enabled:
- logs
- metrics
package_policies:
- name: fleet_server-1
id: fleet_server-1
package:
name: fleet_server
- name: Elastic Agent on ECK policy
id: eck-agent
namespace: default
monitoring_enabled:
- logs
- metrics
unenroll_timeout: 900
is_default: true
package_policies:
- name: system-1
id: system-1
package:
name: system
- name: kubernetes-1
id: kubernetes-1
package:
name: kubernetes
Note: "Collect Kuberentes container logs" is enabled
