0results in no limit, and the buffer will expand as-needed. Note that if pod specifications exceed the buffer limit, the API response will be discarded when retrieving metadata, and some kubernetes metadata will fail to be injected to the logs.
logfield content is a JSON string map, if so, it append the map fields as part of the log structure.
Merge_Logis enabled, the filter tries to assume the
logfield from the incoming message is a JSON string message and make a structured representation of it at the same level of the
logfield in the map. Now if
Merge_Log_Keyis set (a string name), all the new structured fields taken from the original
logcontent are inserted under the new key.
Merge_Logis enabled, trim (remove possible \n or \r) field values.
Keep_Logis disabled, the
logfield is removed from the incoming message once it has been successfully merged (
Merge_Logmust be enabled as well).
Use_Kubeletset to On.
NULLand we will use token file to get token. If you want to manually choose a command to get it, you can set the command here. For example, run
aws-iam-authenticator -i your-cluster-name token --token-onlyto set token. This option is currently Linux-only.
Since Fluent Bit v1.2 we are not suggesting the use of decoders (Decode_Field_As) if you are using Elasticsearch database in the output to avoid data type conflicts.
note that slashes are replaced with dots.
If you have large pod specifications (can be caused by large numbers of environment variables, etc.), be sure to increase the
Buffer_Sizeparameter of the kubernetes filter. If object sizes exceed this buffer, some metadata will fail to be injected to the logs.
the transformation above do not modify the original Tag, just creates a new representation for the filter to perform metadata lookup.
nodes/proxyto get HTTP request in. When creating the
clusterRole, you need to add
nodes/proxyinto the rule for resource.
Use_Kubeletto true to enable this feature.
ClusterFirstWithHostNetthat fluent bit DaemonSet could call Kubelet locally. Otherwise it could not resolve the dns for kubelet.
fluentbit-systemwith the namespace where your fluentbit is installed)
Azure does not have opinion for this user. Then the following
subjectmay need to be included in the
https://kubernetes.default.svc:443. Ensure that you have connectivity to this endpoint from within the cluster and that there are no special permission interfering with the connection.
Podobjects this refresh to the Kubernetes API server can be skipped, causing metadata to be skipped.