Uploaded image for project: 'Observability and Data Analysis Program'
  1. Observability and Data Analysis Program
  2. OBSDA-355

Would like to be able to exclude logs from pods or namespaces to be sent to one endpoint.

    XMLWordPrintable

Details

    • False
    • False
    • 0
    • 0% 0%
    • undefined
    • 0

    Description

      1. Proposed title of this feature request
      Would like to be able to exclude logs from pods or namespaces to be sent to one endpoint.

      2. What is the nature and description of the request?
      So the customer wants to be able to configure fluentd to stop sending logs for a certain project or pod to one specified endpoint. The example provided by the customer is:

      • The logs for apps A, B and C logs are collected in internal elasticearch
      • The logs for apps D and E are collected in Splunk
        Goal:
      • Stop the sent of logs for apps D and E in the internal elasticearch because they are being collected in Splunk,
        It works if it’s possible to the namespace level, but, it would be even better if it’s possible to define it to the pod level.

      3. Why does the customer need this? (List the business requirements here)
      The customer has advised as the logs are being stored in a third part, they don't what them stored in the internal elasticsearch to save space and the customer doesn’t want to keep a duplicate copy of the logs in the internal elasticsearch for namespaces that are sending logs to Splunk. When it’s said elasticsearch or splunk, really it’s said “endpoint A” and “endpoint B” whatever software is running in the endpoint A and endpoint B.

      4. How would the customer like to achieve this? (List the functional requirements here)
      Able to indicate in the clusterLogForwarder the appropriate configuration similar to the existent for sending only for specific namespaces, but, in this case specifying the opposite. The namespace/logs that it’s desired to avoid to send the logs to the endpoint.

      5. For each functional requirement listed, specify how Red Hat and the customer can test to confirm the requirement is successfully implemented.
      The use case provided in point 3

      6. Is there already an existing RFE upstream or in Red Hat Bugzilla?
      It looks like there is none open at the moment I have asked the logging channels

      7. Does the customer have any specific timeline dependencies and which release would they like to target (i.e. RHEL8, RHEL9)?
      There is no specific deadline

      8. Is the sales team involved in this request and do they have any additional input?
      Not at this time

      9. List any affected packages or components.
      Logging stack. In specific the collector.

      Attachments

        Activity

          People

            jamparke@redhat.com Jamie Parker
            fmasombo@redhat.com Francisca Masombo (Inactive)
            Votes:
            1 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

              Created:
              Updated: