Audit Logs forwarded using the syslog protocol show container name instead of node name

Solution Verified - Updated -

Issue

  • How can we configure LogForwarding to send logs with a hostname of the originating node(where the fluentd pod is running on)?
  • Logs are coming With the fluentd container name if fluentd container gets recreated with a different name how we can track old logs of the previous fluentd.
Current log format:
--
<containername> fluentd
--

Expected log format:
--
<nodename> fluentd
--

Environment

  • Red Hat Container Openshift Platform 4.6

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content