Project 'platform-one/big-bang/apps/core/elasticsearch-kibana' was moved to 'big-bang/product/packages/elasticsearch-kibana'. Please update any links and bookmarks that may still have the old path.
elastic.md 1.30 KiB
Logs from the ECK stack
Pre-requisites
- ECK stack deployed
Getting Started
-
Login to Kibana
- username: elastic
- Password : can be obtained by querying kubectl get secrets -n logging logging-ek-es-elastic-user -o go-template='{{.data.elastic | base64decode}}'
-
Create an Index by clicking the Management icon in the left menu and clicking Index patterns under Kibana. In the Create Index patterns enter <logstash-*> and click create index pattern. In the the next step Click on the dropdown and select "@timestamp"
-
For Search click on Discovery from the side menu
-
In KQL textbox enter
kubernetes.namespace.name : elastic -
Click Refresh/Update
-
Note: Logs from the monitoring stack can be viewd on Kibana. The default index pattern is logstash-*. Logs for the entire ECK stack can be procured by filtering on the "elastic" namespace.
Further filters that can be used are:
Kibana
-
kubernetes.pod_name=Kibana Pod Nameto get logs from a specific pod-
kubernetes.container_name=kibanato get logs from kibana container
-
Elasticsearch Pods
-
kubernetes.pod_name=elastic-es-default-#to get logs from a specific # pod-
kubernetes.container_name=elasticsearchorelastic-internal-init-filesystemto get logs from a specific container within the pod
-