Parse glog format for K8s Logs

splunk / splunk-connect-for-kubernetes

Helm charts associated with kubernetes plug-ins

Apache License 2.0

344 stars 270 forks source link

Parse glog format for K8s Logs #785

Closed bdschaap closed 2 years ago

bdschaap commented 2 years ago

My K8s logs in glog format that are ingested through Splunk Connect for Kubernetes aren't parsed. I wanted to see if I could get some advice on parsing the glog format. I see references to glog in values.yaml for the helm chart but it's not clear to me what that does.

hvaghani221 commented 2 years ago

SCK doesn't support glog format. If you want to use custom format, you have to modify the following part: https://github.com/splunk/splunk-connect-for-kubernetes/blob/29ec02a96ac951a9a012f85dbd2ad53e8c8ba2b7/helm-chart/splunk-connect-for-kubernetes/charts/splunk-kubernetes-logging/templates/configMap.yaml#L57-L101

Reference: https://docs.fluentd.org/input/tail