How to use the log tail feature in Kibana 6.5.4

Hello All,

I am using fluentd as my log shipper for Kubernetes microservices. I have read that the new Kibana version has a log tailing feature for viewing changes in the logs. Can someone guide me on how it can work with a fluentd shipper?

Currently I am using the logtrail plugin for this purpose.

Rgds,
-Akhil

You just need to use the Logs app, see https://www.elastic.co/guide/en/kibana/6.5/xpack-logs.html

Hello,

But it seems to only work with the filebeat indices. Should I do some workaround for the fluentd logs (which are shipped in logstash format) for it to work?

Rgds,
-Akhil

Hi @akhisar,

the Logs UI by default indeed looks at the filebeat-* indices and requires at the very least a @timestamp and a message or @message field on the documents.

The index pattern and the timestamp field can currently be changed via the Kibana config file using the settings:

xpack.infra.sources.default:
  logAlias: 'my-log-indices-*'
  fields:
    timestamp: 'my-timestamp-field'

This configuration will be made available via the UI very soon (see Kibana PR #26786 for the progress).

Using these settings it should be possible for you to make the fluentd indices available in the Logs UI.
