mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
51 lines
3.3 KiB
Plaintext
51 lines
3.3 KiB
Plaintext
:_mod-docs-content-type: ASSEMBLY
|
|
include::_attributes/common-attributes.adoc[]
|
|
include::_attributes/attributes-openshift-dedicated.adoc[]
|
|
[id="cluster-logging"]
|
|
= About Logging
|
|
:context: cluster-logging
|
|
|
|
toc::[]
|
|
|
|
As a cluster administrator, you can deploy {logging} on an {product-title} cluster, and use it to collect and aggregate node system audit logs, application container logs, and infrastructure logs. You can forward logs to your chosen log outputs, including on-cluster, Red{nbsp}Hat managed log storage. You can also visualize your log data in the {product-title} web console, or the Kibana web console, depending on your deployed log storage solution.
|
|
|
|
include::snippets/logging-kibana-dep-snip.adoc[]
|
|
|
|
{product-title} cluster administrators can deploy {logging} by using Operators. For information, see xref:../../observability/logging/cluster-logging-deploying.adoc#cluster-logging-deploying[Installing logging].
|
|
|
|
The Operators are responsible for deploying, upgrading, and maintaining {logging}. After the Operators are installed, you can create a `ClusterLogging` custom resource (CR) to schedule {logging} pods and other resources necessary to support {logging}. You can also create a `ClusterLogForwarder` CR to specify which logs are collected, how they are transformed, and where they are forwarded to.
|
|
|
|
[NOTE]
|
|
====
|
|
Because the internal {product-title} Elasticsearch log store does not provide secure storage for audit logs, audit logs are not stored in the internal Elasticsearch instance by default. If you want to send the audit logs to the default internal Elasticsearch log store, for example to view the audit logs in Kibana, you must use the Log Forwarding API as described in xref:../../observability/logging/log_storage/logging-config-es-store.adoc#cluster-logging-elasticsearch-audit_logging-config-es-store[Forward audit logs to the log store].
|
|
====
|
|
|
|
include::modules/logging-architecture-overview.adoc[leveloffset=+1]
|
|
|
|
[role="_additional-resources"]
|
|
.Additional resources
|
|
* xref:../../observability/logging/log_visualization/log-visualization-ocp-console.adoc#log-visualization-ocp-console[Log visualization with the web console]
|
|
|
|
include::modules/cluster-logging-about.adoc[leveloffset=+1]
|
|
|
|
ifdef::openshift-rosa,openshift-dedicated[]
|
|
include::modules/cluster-logging-cloudwatch.adoc[leveloffset=+1]
|
|
For information, see xref:../../observability/logging/log_collection_forwarding/log-forwarding.adoc#about-log-collection_log-forwarding[About log collection and forwarding].
|
|
endif::[]
|
|
|
|
include::modules/cluster-logging-json-logging-about.adoc[leveloffset=+2]
|
|
|
|
include::modules/cluster-logging-collecting-storing-kubernetes-events.adoc[leveloffset=+2]
|
|
|
|
For information, see xref:../../observability/logging/log_collection_forwarding/cluster-logging-eventrouter.adoc#cluster-logging-eventrouter[Collecting and storing Kubernetes events].
|
|
|
|
include::modules/cluster-logging-troubleshoot-logging.adoc[leveloffset=+2]
|
|
|
|
include::modules/cluster-logging-export-fields.adoc[leveloffset=+2]
|
|
|
|
For information, see xref:../../observability/logging/cluster-logging-exported-fields.adoc#cluster-logging-exported-fields[Log record fields].
|
|
|
|
include::modules/cluster-logging-eventrouter-about.adoc[leveloffset=+2]
|
|
|
|
For information, see xref:../../observability/logging/log_collection_forwarding/cluster-logging-eventrouter.adoc#cluster-logging-eventrouter[Collecting and storing Kubernetes events].
|