Using legacy Log Forwarding is not sending logs to the internal Elasticsearch in RHOCP 4.4 and later

Solution In Progress - Updated -

Issue

  • Forwarding logs to external log aggregator using fluentd-forward as per documentation protocol stops sending logs to the internal elasticsearch.
  • Forwarding logs to external syslog server using syslog protocol as per documentation stops sending logs to the internal elasticsearch.
  • The fluentd configuration in RHOCP 4.5 generated after configuring the secure-forward is las mentioned below:
$ oc rsh <fluentd pod> cat /etc/fluent/fluent.conf
//Output-Emiited//
<label @_LOGS_APP>
  <match **>
    @type copy


    <store>
      @type relabel
      @label @_LEGACY_SECUREFORWARD
    </store>

  </match>
</label>
<label @_LOGS_AUDIT>
  <match **>
    @type copy


    <store>
      @type relabel
      @label @_LEGACY_SECUREFORWARD
    </store>

  </match>
</label>
<label @_LOGS_INFRA>
  <match **>
    @type copy


    <store>
      @type relabel
      @label @_LEGACY_SECUREFORWARD
    </store>

  </match>
</label>
//Output-Emiited//

Environment

  • Red Hat OpenShift Container Platform [RHOCP]
    • 4.4
    • 4.5

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content