The logging resource defines the logging infrastructure for your cluster that collects and transports your log messages, and also contains configurations for Fluentd and Fluent-bit. It also establishes the controlNamespace, the administrative namespace of the Logging operator. The Fluentd statefulset and Fluent-bit daemonset are deployed in this namespace, and global resources like ClusterOutput and ClusterFlow are evaluated only in this namespace by default - they are ignored in any other namespace unless allowClusterResourcesFromAllNamespaces is set to true.

You can define multiple logging resources if needed, for example, if you want to run multiple fluentd instances with separate configurations. You can customize the fluentd and fluent-bit configuration in the logging resource). It also declares watchNamespaces if applicable to narrow down the namespaces in which the logging operator should evaluate and incorporateFlow and Output resources into fluentd’s configuration.

You can install a logging resource with built-in TLS generation using the logging Helm chart.

The One Eye observability tool can manage the TLS certificates of the logging resource using cert-manager.

For the list of available parameters for logging resource, see LoggingSpec.

You can also customize the fluentd statefulset that Logging operator deploys. For a list of parameters, see FluentdSpec. For examples on customizing the Fluentd configuration, see Configure Fluentd.

You can also customize the fluent-bit that Logging operator deploys. For a list of parameters, see FluentbitSpec. For examples on customizing the Fluent-bit configuration, see FluentBit.

The following example snippets use the logging namespace. To create this namespace if it does not already exist, run:

kubectl create ns logging

A simple logging example 🔗︎

apiVersion: logging.banzaicloud.io/v1beta1
kind: Logging
metadata:
  name: default-logging-simple
  namespace: logging
spec:
  fluentd: {}
  fluentbit: {}
  controlNamespace: logging

Filter namespaces 🔗︎

In the following example, the watchNamespaces option is set, so logs are collected only from the prod and test namespaces.

apiVersion: logging.banzaicloud.io/v1beta1
kind: Logging
metadata:
  name: default-logging-namespaced
  namespace: logging
spec:
  fluentd: {}
  fluentbit: {}
  controlNamespace: logging
  watchNamespaces: ["prod", "test"]