I am running Elastic Cloud, Elastic Observability Serverless, and was wondering how to have better control over what is included in monitoring, such as just app logs or server and pod performance metrics.
Since I could not find an official document, I am looking for some guidance.
I am running a Kubernetes cluster on cloud and ES cloud with Observability.
The config map holds the configuration for what goes in the pod and what is ultimately shipped from the pod to ES cloud/Kibana.
CM : agent-node-datastreams in kube-system namespace
Pod name : elastic-agent-standalone-****
Agent config File: /etc/elastic-agent/agent.yml
outputs:
  default:
    type: elasticsearch
    hosts:
      - >-
        ${ES_HOST}
    api_key: ${API_KEY}
agent:
  monitoring:
    enabled: true
    use_output: default
    logs: true
    metrics: true
providers.kubernetes:
  node: ${NODE_NAME}
  scope: node
.....
What changes can be made to exclude, let's say, server/host logs like syslogs and login logs, etc.?