Before Appling this filter I could see the following log lines -
10.128.54.48 - - [12/Sep/2022:12:35:41 +0000] "GET /health HTTP/1.1" 200 15 "-" "kube-probe/1.23+" "-"
10.128.48.97 - - [12/Sep/2022:12:35:42 +0000] "GET /health HTTP/1.1" 200 15 "-" "ELB-HealthChecker/2.0" "-"
After applying the above mentioned filter the kube-probe/1.23+ healtcheck is no longer sent to CloudWatch. However the ELB healtcheck logs are still sent to cloudwatch.
Image used - fluent/fluentd-kubernetes-daemonset:v1.15.1-debian-cloudwatch-1.0
I'm trying to minimize the logs sent to CloudWatch and trying to not send kube-probe and load balancer healthchecks to cloudwatch.
Currently using exclude filter like this -
Before Appling this filter I could see the following log lines - 10.128.54.48 - - [12/Sep/2022:12:35:41 +0000] "GET /health HTTP/1.1" 200 15 "-" "kube-probe/1.23+" "-" 10.128.48.97 - - [12/Sep/2022:12:35:42 +0000] "GET /health HTTP/1.1" 200 15 "-" "ELB-HealthChecker/2.0" "-"
After applying the above mentioned filter the kube-probe/1.23+ healtcheck is no longer sent to CloudWatch. However the ELB healtcheck logs are still sent to cloudwatch.