I'm trying to forward kubernetes-event logs to elasticsearch using fluentd.I currently use fluent/fluentd-kubernetes-daemonset:v1.10.1-debian-elasticsearch7-1.0
as container image to forward my application logs to elasticsearch cluster.I've searched enough & my problem is that this image doesn't have enough documentation as to accomplishing this task(i.e; forward kubernetes event related logs).
I've found this plugin from splunk which has desired output but this has overhead like :
add above plugin's gem to bundler.
install essential tools like
make
etc.install the plugin .
Sure I can do above steps using init-container
, but above operations are adding ~200MB to disk space .I'd like to know if it can be accomplished with smaller footprint or other way.
Any help is appreciated.
Thanks.