Documentation for Security Event Manager

Add or edit Kubernetes API logs connector

To use the Kubernetes API logs connector, you must be generally familiar with Kubernetes and the following:

  • kubectl command
  • namespaces
  • pods, pod labels and label/field selectors
  • kube config
  • configuring service accounts, tokens, roles, and permissions in Kubernetes

The Kubernetes API Logs connector allows you to collect and normalize logs for applications deployed inside a Kubernetes cluster. This connector is useful when the SEM agent/manager is deployed inside the cluster, or when the agent/manager has direct access to the Kubernetes API server.

Like other connectors, this connector can be configured, edited, started, or deleted. One connector can read logs from multiple pods that are either running or terminated, but not from deleted pods. The connector can dynamically start monitoring newly joined pods that meet the criteria and stop monitoring pods that no longer match the criteria. The connector remembers the last-read log position for each pod container, so it knows where to resume reading the logs after a pod restarts.

You can use selector expressions or specific pod names to specify which pods (applications) to monitor. You can also specify which pod container to read logs from, as well as the namespace where the pod(s) should be located (do not specify a namespace if you want to match pods in any namespace).

This connector makes HTTP requests to the Kubernetes API to fetch matched pod details and pod logs iteratively. The polling interval and fetch limits are adjustable, so it can accommodate different log rates while keeping the load on the API server under control.

You can configure multiple Kubernetes API connectors matching different pods or can configure one connector that uses flexible selectors to match multiple pods. Additionally, you can adjust advanced connector settings for connection establishment, log fetch size limit, and more.

Add/edit Kubernetes API connectors

  1. Click Configure > Manager connectors.

  2. In the Refine results panel, check Connector.

  3. In the Search field, type Kubernetes and press Enter.

  4. In search results, either check the Kubernetes API Logs under Available connectors, and click Add Connector, or check an existing configured connector and click Edit.

  5. Review the default connector settings and edit as needed before clicking Save/Edit to save the selections.

Connector settings

  • Name: Appears in the lists of Configured and Available connectors.

  • Connection Type: Specifies authentication method.

    • Auto: Authenticates by auto-detecting the connection properties of the cluster the SEM machine is running in.

    • Token: Authenticates using your custom token and Kubernetes server CA certificate.

      • API Server URL: The master base URL of the API server

      • Token: Your custom token

      • Server CA Certificate: Your CA certificate in base64-encoded PEM format

    • Local Proxy: Authenticates through a locally running kubectl HTTP proxy.

      • Local Proxy Port: Your local proxy port

  • Watch Type

    • Pod: Matches a specific pod’s log.

      • Pod Name: An existing pod's name

    • Selector: Matches pods using label and/or field selectors.

      • Label Selector: An optional label selector to match specific pods

      • Field Selector: An optional field selector to match specific pods

      • Pod Match

        • First: Matches first pod only

        • All: Matches all pods

  • Namespace: Optional namespace where pod(s) are located.

  • Container Name: Optional container name to match within a pod.

  • Output: (Reader output)

    • Normalized

    • Raw + Normalized

    • Raw

  • Sleep Time: Specifies the time to sleep (in milliseconds) before fetching new logs from the Kubernetes API.
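The settings above assume you already have a service account, token and CA certificate for the Token connection type (or a running kubectl proxy for the Local Proxy type). The following script is an added example, not part of the SolarWinds documentation or product: it creates a service account with only the permissions the connector needs (list/watch pods and read pod logs), prints the three values the Token settings ask for, checks with `kubectl auth can-i` that the account is not over-privileged, previews which pods a Selector watch would match, and starts the local proxy. The namespace `sem`, account name `sem-log-reader`, label `app=web` and proxy port 8001 are placeholders chosen for the example.

```bash
#!/usr/bin/env bash
# Added example, not SolarWinds code. Prepares what the connector's "Token"
# and "Local Proxy" connection types need, with least-privilege RBAC.
# Namespace "sem", account "sem-log-reader" and label "app=web" are
# assumptions; adjust them to your cluster.
set -eu

SA_NS="${SA_NS:-sem}"
SA_NAME="${SA_NAME:-sem-log-reader}"
SA_SUBJECT="system:serviceaccount:${SA_NS}:${SA_NAME}"
TOKEN_TTL="${TOKEN_TTL:-24h}"   # tokens expire: re-issue them on a schedule

# Least privilege: list/watch pods and read pod logs, nothing else. A
# ClusterRole is used because the connector can match pods in any namespace
# when no Namespace is set; if you always set one, a Role + RoleBinding
# scoped to that namespace is tighter.
rbac_manifest() {
  cat <<EOF
apiVersion: v1
kind: ServiceAccount
metadata:
  name: ${SA_NAME}
  namespace: ${SA_NS}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: ${SA_NAME}
rules:
- apiGroups: [""]
  resources: ["pods"]
  verbs: ["get", "list", "watch"]
- apiGroups: [""]
  resources: ["pods/log"]
  verbs: ["get"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: ${SA_NAME}
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: ${SA_NAME}
subjects:
- kind: ServiceAccount
  name: ${SA_NAME}
  namespace: ${SA_NS}
EOF
}

# "Server CA Certificate" expects the PEM file as single-line base64.
pem_to_b64() {   # usage: pem_to_b64 /path/to/ca.crt
  base64 < "$1" | tr -d '\n'
}

# Values to paste into the Token connection settings. The CA is taken from
# the active kubeconfig context, where it is already base64-encoded PEM.
connector_values() {
  echo "API Server URL: $(kubectl config view --minify -o jsonpath='{.clusters[0].cluster.server}')"
  echo "Server CA Certificate: $(kubectl config view --raw --minify -o jsonpath='{.clusters[0].cluster.certificate-authority-data}')"
  echo "Token: $(kubectl create token "${SA_NAME}" -n "${SA_NS}" --duration="${TOKEN_TTL}")"
}

# Confirm the account can do exactly what the connector needs and no more
# (kubectl auth can-i exits 0 for "yes" and 1 for "no").
must_allow() { kubectl auth can-i "$@" --all-namespaces --as="${SA_SUBJECT}" >/dev/null || { echo "missing permission: $*" >&2; return 1; }; }
must_deny()  { ! kubectl auth can-i "$@" --all-namespaces --as="${SA_SUBJECT}" >/dev/null || { echo "too broad: $*" >&2; return 1; }; }
verify_rbac() {
  must_allow list pods
  must_allow watch pods
  must_allow get pods/log
  must_deny get secrets
  must_deny delete pods
  must_deny create pods/exec
  echo "RBAC for ${SA_SUBJECT} is scoped as expected"
}

# Preview which pods a Selector watch would match before saving the connector.
preview_selector() {   # usage: preview_selector 'app=web' 'status.phase=Running'
  kubectl get pods --all-namespaces -l "$1" --field-selector "$2" -o wide
}

case "${1:-}" in
  apply)   rbac_manifest | kubectl apply -f - ;;
  values)  connector_values ;;
  verify)  verify_rbac ;;
  preview) preview_selector "${2:-app=web}" "${3:-status.phase=Running}" ;;
  # Local Proxy type: kubectl proxy listens on 127.0.0.1 and forwards requests
  # with your kubeconfig identity, so run it only on the SEM host itself.
  proxy)   kubectl proxy --port="${PROXY_PORT:-8001}" ;;
  *)       rbac_manifest ;;   # default: print the manifest for review
esac
```

Run `./sem-k8s-rbac.sh apply` once as a cluster admin, then `verify` to confirm the scope, `values` to get the API Server URL, Server CA Certificate and Token for the connector settings, and `preview 'app=web' 'status.phase=Running'` to see the pods a Selector watch with those expressions would pick up. Because `kubectl create token` issues expiring tokens, plan to re-issue and update the connector's Token field before the TTL elapses, or the connector will stop collecting logs when the token expires.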