I have 1 kubernetes cluster send all logs to logstash, this logstash send log to elasticsearch.
It's possible send logs from diferent pods of namespaces to diferent elasticsearchs using logstash? how can I do that?
Hi, welcome to the Forum!
Yes you can. In a logstash pipeline output section you can use if else statements.
So you need a field in you logs with the namespace of the pod, then you can define if pod namespace = a {Elasticsearch output 1} and so on.
You can find some examples at this documentation section: https://www.elastic.co/guide/en/logstash/current/event-dependent-configuration.html#conditionals
Hope this will help,
Simon
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.