openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 12:46:18 +01:00
Code Issues Releases Activity
Files
enterprise-4.21
openshift-docs/observability/logging/log_collection_forwarding/log-forwarding.adoc
libander 6e578d97f3 Removing xrefs
2025-02-20 14:07:17 +00:00

50 lines
2.5 KiB
Plaintext
Raw Permalink Blame History

:_mod-docs-content-type: ASSEMBLY
include::_attributes/common-attributes.adoc[]
include::_attributes/attributes-openshift-dedicated.adoc[]
[id="log-forwarding"]
= About log collection and forwarding
:context: log-forwarding
toc::[]
The {clo} deploys a collector based on the `ClusterLogForwarder` resource specification. There are two collector options supported by this Operator: the legacy Fluentd collector, and the Vector collector.
include::snippets/logging-fluentd-dep-snip.adoc[]
include::modules/about-log-collection.adoc[leveloffset=+1]
include::modules/logging-vector-fluentd-feature-comparison.adoc[leveloffset=+2]
include::modules/log-forwarding-collector-outputs.adoc[leveloffset=+2]
[id="log-forwarding-about-clf"]
== Log forwarding
Administrators can create `ClusterLogForwarder` resources that specify which logs are collected, how they are transformed, and where they are forwarded to.
`ClusterLogForwarder` resources can be used up to forward container, infrastructure, and audit logs to specific endpoints within or outside of a cluster. Transport Layer Security (TLS) is supported so that log forwarders can be configured to send logs securely.
Administrators can also authorize RBAC permissions that define which service accounts and users can access and forward which types of logs.
include::modules/log-forwarding-implementations.adoc[leveloffset=+2]
[id="log-forwarding-enabling-multi-clf-feature"]
=== Enabling the multi log forwarder feature for a cluster
To use the multi log forwarder feature, you must create a service account and cluster role bindings for that service account. You can then reference the service account in the `ClusterLogForwarder` resource to control access permissions.
[IMPORTANT]
====
In order to support multi log forwarding in additional namespaces other than the `openshift-logging` namespace, you must update the {clo} to watch all namespaces]. This functionality is supported by default in new {clo} version 5.8 installations.
====
include::modules/log-collection-rbac-permissions.adoc[leveloffset=+3]
[role="_additional-resources"]
.Additional resources
ifdef::openshift-enterprise[]
* xref:../../../authentication/using-rbac.adoc#using-rbac[Using RBAC to define and apply permissions]
* xref:../../../authentication/using-service-accounts-in-applications.adoc#using-service-accounts-in-applications[Using service accounts in applications]
endif::[]
* link:https://kubernetes.io/docs/reference/access-authn-authz/rbac/[Using RBAC Authorization Kubernetes documentation]
View Git Blame Copy Permalink