forked from Azure/ARO-RP
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Move genevalogging operator controller files into separate .confs wit…
…h goembed (Azure#3276)
- Loading branch information
Showing
4 changed files
with
178 additions
and
97 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
75 changes: 75 additions & 0 deletions
75
pkg/operator/controllers/genevalogging/staticfiles/fluent.conf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,75 @@ | ||
[SERVICE] | ||
Parsers_File /etc/td-agent-bit/parsers.conf | ||
|
||
[INPUT] | ||
Name systemd | ||
Tag journald | ||
DB /var/lib/fluent/journald | ||
|
||
[INPUT] | ||
Name tail | ||
Tag containers | ||
Path /var/log/containers/* | ||
Path_Key path | ||
DB /var/lib/fluent/containers | ||
Parser crio | ||
|
||
[INPUT] | ||
Name tail | ||
Tag audit | ||
Path /var/log/kube-apiserver/audit.log | ||
Path_Key path | ||
DB /var/lib/fluent/audit | ||
Parser audit | ||
|
||
[FILTER] | ||
Name modify | ||
Match journald | ||
Remove_wildcard _ | ||
Remove TIMESTAMP | ||
Remove SYSLOG_FACILITY | ||
|
||
[FILTER] | ||
Name parser | ||
Match containers | ||
Key_Name path | ||
Parser containerpath | ||
Reserve_Data true | ||
|
||
[FILTER] | ||
Name grep | ||
Match containers | ||
Regex NAMESPACE ^(?:default|kube-.*|openshift|(?!openshift-(logging|gitops|user-workload-monitoring|adp|distributed-tracing|cnv|serverless|pipelines|nfd))(openshift-.*))$ | ||
|
||
[FILTER] | ||
Name nest | ||
Match audit | ||
Operation lift | ||
Nested_under user | ||
Add_prefix user_ | ||
|
||
[FILTER] | ||
Name nest | ||
Match audit | ||
Operation lift | ||
Nested_under impersonatedUser | ||
Add_prefix impersonatedUser_ | ||
|
||
[FILTER] | ||
Name nest | ||
Match audit | ||
Operation lift | ||
Nested_under responseStatus | ||
Add_prefix responseStatus_ | ||
|
||
[FILTER] | ||
Name nest | ||
Match audit | ||
Operation lift | ||
Nested_under objectRef | ||
Add_prefix objectRef_ | ||
|
||
[OUTPUT] | ||
Name forward | ||
Match * | ||
Port 24224 |
17 changes: 17 additions & 0 deletions
17
pkg/operator/controllers/genevalogging/staticfiles/parsers.conf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
[PARSER] | ||
Name audit | ||
Format json | ||
Time_Key stageTimestamp | ||
Time_Format %Y-%m-%dT%H:%M:%S.%L | ||
|
||
[PARSER] | ||
Name containerpath | ||
Format regex | ||
Regex ^/var/log/containers/(?<POD>[^_]+)_(?<NAMESPACE>[^_]+)_(?<CONTAINER>.+)-(?<CONTAINER_ID>[0-9a-f]{64})\.log$ | ||
|
||
[PARSER] | ||
Name crio | ||
Format regex | ||
Regex ^(?<TIMESTAMP>[^ ]+) [^ ]+ [^ ]+ (?<MESSAGE>.*)$ | ||
Time_Key TIMESTAMP | ||
Time_Format %Y-%m-%dT%H:%M:%S.%L |