I'm trying to add centralized logging to my kubernetes cluster using EFK. I found out that my logs from pods that are written to system out are stored in journald in my master node. But I want to store those logs in elasticsearch.
Can I change docker config to redirect logs to var logs? I try to avoid to log from my pods in custom location.
Or can I intercept the logs from journald using fluentd or anything else?
Thanks
