openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 12:46:18 +01:00
Code Issues Releases Activity
Files
ebddd5bb30f932b57cedc1507678ea44c14fbc80
openshift-docs/modules/log-collector-http-server.adoc
ashiot 517fe4b8cc Merging 6.2 into main
2025-04-11 10:06:24 +01:00

91 lines
2.8 KiB
Plaintext
Raw Blame History

// Module included in the following assemblies:
//
// * observability/logging/log_collection_forwarding/cluster-logging-collector.adoc
//This file is for Logging 5.x
:_mod-docs-content-type: PROCEDURE
[id="log-collector-http-server_{context}"]
= Configuring the collector to receive audit logs as an HTTP server
You can configure your log collector to listen for HTTP connections and receive audit logs as an HTTP server by specifying `http` as a receiver input in the `ClusterLogForwarder` custom resource (CR). This enables you to use a common log store for audit logs that are collected from both inside and outside of your {product-title} cluster.
.Prerequisites
* You have administrator permissions.
* You have installed the {oc-first}.
* You have installed the {clo}.
* You have created a `ClusterLogForwarder` CR.
.Procedure
. Modify the `ClusterLogForwarder` CR to add configuration for the `http` receiver input:
+
--
.Example `ClusterLogForwarder` CR if you are using a multi log forwarder deployment
[source,yaml]
----
apiVersion: logging.openshift.io/v1
kind: ClusterLogForwarder
metadata:
# ...
spec:
serviceAccountName: <service_account_name>
inputs:
- name: http-receiver # <1>
receiver:
type: http # <2>
http:
format: kubeAPIAudit # <3>
port: 8443 # <4>
pipelines: # <5>
- name: http-pipeline
inputRefs:
- http-receiver
# ...
----
<1> Specify a name for your input receiver.
<2> Specify the input receiver type as `http`.
<3> Currently, only the `kube-apiserver` webhook format is supported for `http` input receivers.
<4> Optional: Specify the port that the input receiver listens on. This must be a value between `1024` and `65535`. The default value is `8443` if this is not specified.
<5> Configure a pipeline for your input receiver.
--
+
--
.Example `ClusterLogForwarder` CR if you are using a legacy deployment
[source,yaml]
----
apiVersion: logging.openshift.io/v1
kind: ClusterLogForwarder
metadata:
name: instance
namespace: openshift-logging
spec:
inputs:
- name: http-receiver # <1>
receiver:
type: http # <2>
http:
format: kubeAPIAudit # <3>
port: 8443 # <4>
pipelines: # <5>
- inputRefs:
- http-receiver
name: http-pipeline
# ...
----
<1> Specify a name for your input receiver.
<2> Specify the input receiver type as `http`.
<3> Currently, only the `kube-apiserver` webhook format is supported for `http` input receivers.
<4> Optional: Specify the port that the input receiver listens on. This must be a value between `1024` and `65535`. The default value is `8443` if this is not specified.
<5> Configure a pipeline for your input receiver.
--
. Apply the changes to the `ClusterLogForwarder` CR by running the following command:
+
[source,terminal]
----
$ oc apply -f <filename>.yaml
----
View Git Blame Copy Permalink