errm
commented
3 years ago This doesn't seem to be a bug with fluent-plugin-systemd?
If you have a general support question about how your Google Cloud servers behave on reboot I sugest contacting their support channels, or perhaps ask on serverfault or whatever...
If you have a bug to report please feel free to re-open this issue with some more information :)
What happened: i have implemented the journald configuration in my splunk but still i could not see node reboot logs.
I want to know that my gke node got restarted or not by checking the logs in splunk and i am not sure which systemd service unit holds that data
What you expected to happen:
i want to see logs to be reflected wn ever reboot happen on that gke node
How to reproduce it (as minimally and precisely as possible):
i have gke cluster and have node running on os Container-optimized os and jst login to gke node and reboot that gke and in splunk we should get some logs stating gke node rebooted.
Anything else we need to know?: configuration using to get journal configuration:
source.journald.conf: |-
This fluentd conf file contains configurations for reading logs from systemd journal.
@id journald-all @type systemd @Label @concat tag journald.journal:all path "/var/log/journal" matches [] read_from_head true
@type local persistent true path /var/log/splunkd-fluentd-journald-all.pos.json
field_map {"MESSAGE": "log", "_SYSTEMD_UNIT": "source"} field_map_strict true
Environment:
Kubernetes version (use kubectl version): 1.15.12-gke.2 Ruby version (use ruby --version): OS (e.g: cat /etc/os-release): Container-Optimized OS (cos)