Hi,
We have recently started using GKE ( Google managed Kubernetes service ) windows nodes.
For all the linux deployments, we have filebeat deployed as daemonset that sends all the application logs into our Elasticsearch cluster.
What will be a similair approach to send our application logs int Elasticsearch for windows containers deployments ? Our application doesn't send logs into windows event or application logs viewer.
Thanks,
Alex.
Hey @alek,
I think you are entering a bit on uncharted territory, at least for me 
So consider my answers as possible ideas more than solutions.
Filebeat is also supported in Windows but I guess that the main difference would be that Beats are not distributed as Windows containers yet. To use filebeat as a daemonset you would need to create your own filebeat container for windows.
Another option would be to install Filebeat in the Windows hosts directly, and from there collect the logs of the containers. Would it be a possibility in your case?
In any case I have opened a new issue in Github because I think this is an interesting use case to cover: https://github.com/elastic/beats/issues/16814
Thanks for your prompt response.
I have found this summary that describes current options and cane be useful for you as well - https://gist.github.com/jsturtevant/73b0bfe301a6abecd951b6f98bddffd4 .
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.