Uploaded image for project: 'OpenShift Request For Enhancement'
  1. OpenShift Request For Enhancement
  2. RFE-2095

Would like to be able to exclude logs from pods or namespaces to be sent to one endpoint.



    • Feature Request
    • Status: Backlog (View Workflow)
    • Normal
    • Resolution: Unresolved
    • None
    • None
    • Logging
    • False
    • False
    • undefined


      1. Proposed title of this feature request
      Would like to be able to exclude logs from pods or namespaces to be sent to one endpoint.

      2. What is the nature and description of the request?
      So the customer wants to be able to configure fluentd to stop sending logs for a certain project or pod to one specified endpoint. The example provided by the customer is:

      • The logs for apps A, B and C logs are collected in internal elasticearch
      • The logs for apps D and E are collected in Splunk
      • Stop the sent of logs for apps D and E in the internal elasticearch because they are being collected in Splunk,
        It works if it’s possible to the namespace level, but, it would be even better if it’s possible to define it to the pod level.

      3. Why does the customer need this? (List the business requirements here)
      The customer has advised as the logs are being stored in a third part, they don't what them stored in the internal elasticsearch to save space and the customer doesn’t want to keep a duplicate copy of the logs in the internal elasticsearch for namespaces that are sending logs to Splunk. When it’s said elasticsearch or splunk, really it’s said “endpoint A” and “endpoint B” whatever software is running in the endpoint A and endpoint B.

      4. How would the customer like to achieve this? (List the functional requirements here)
      Able to indicate in the clusterLogForwarder the appropriate configuration similar to the existent for sending only for specific namespaces, but, in this case specifying the opposite. The namespace/logs that it’s desired to avoid to send the logs to the endpoint.

      5. For each functional requirement listed, specify how Red Hat and the customer can test to confirm the requirement is successfully implemented.
      The use case provided in point 3

      6. Is there already an existing RFE upstream or in Red Hat Bugzilla?
      It looks like there is none open at the moment I have asked the logging channels

      7. Does the customer have any specific timeline dependencies and which release would they like to target (i.e. RHEL8, RHEL9)?
      There is no specific deadline

      8. Is the sales team involved in this request and do they have any additional input?
      Not at this time

      9. List any affected packages or components.
      Logging stack. In specific the collector.




            jamparke@redhat.com Jamie Parker
            fmasombo@redhat.com Francisca Masombo
            1 Vote for this issue
            3 Start watching this issue