Kubernetes Pods LogSource Configuration
Last updated on 13 June, 2023Disclaimer: The LogSource LM LogicModule is currently in open Beta.
LogSource is a LogicModule that provides templates to help you enable LM Logs and configure log data collection and forwarding. LogSource contains details about which logs to get and where to get them, and which fields should be considered for parsing. LogSource is available for common sources of log data.
Requirements
The Kubernetes Pods LogSource type uses the LM Collector. When using the LM Collector with LogSource, the LM Collectors installed in your infrastructure must be version EA 31.200 or later. For information on how to upgrade a collector, see Managing Collectors.
Configuration Options
The following describes configuration details specific to the Kubernetes Pods type of LogSource. For general information on how to add a LogSource, see Configuring a LogSource.
Include Filters
You can add filters to include resources of certain types, for example an application. The output matching the filter criteria will be forwarded to the log ingestion process.
Available parameters
| Attributes | Comparison operator | Value example |
| Message | Equal, NotEqual, Contain, NotContain, RegexMatch, RegexNotMatch. | Regular expression |
Log Fields
You can configure Log Fields (tags) to send additional metadata with the logs.
Available parameters
| Method | Key example | Value example | Description |
| Static | “Customer” | “Customer_XYZ” | |
| Dynamic(REGEX) | “Host” | “host=*” | The query will run on the message field. |
| LM Property(Token) | “Device” | “##system.deviceId##” |
Example
Configuration example for a Kubernetes Pods type of LogSource.
Basic Information
- Name: Kubernetes_Pods
- Description: Data collection for pod logs from monitored Kubernetes clusters.
- AppliesTo (custom query): system.devicetype == “8”
- Type: LM Logs: Kubernetes Pods
- Group: Kubernetes