Merge "Fluentd: Update kernel and auth inputs to use systemd"

2020-01-31 22:20:22 +00:00 · 2020-01-31 22:20:22 +00:00 · 3dd0eb0cdf
parent 26208fa3a7 781e65ac5d
commit 3dd0eb0cdf
1 changed files with 21 additions and 31 deletions
--- a/tools/deployment/common/fluentd-daemonset.sh
+++ b/tools/deployment/common/fluentd-daemonset.sh
@ -90,23 +90,16 @@ conf:
      </source>

      <source>
-        @type tail
-        tag kernel
-        path /var/log/kern.log
-        read_from_head true
-        <parse>
-          @type none
-        </parse>
-      </source>
-
-      <source>
-        @type tail
+        @type systemd
        tag auth
-        path /var/log/auth.log
+        path /var/log/journal
+        matches [{ "SYSLOG_FACILITY":"10" }]
        read_from_head true
-        <parse>
-          @type none
-        </parse>
+
+        <entry>
+          fields_strip_underscores true
+          fields_lowercase true
+        </entry>
      </source>

      <source>
@ -135,6 +128,19 @@ conf:
        </entry>
      </source>

+      <source>
+        @type systemd
+        tag kernel
+        path /var/log/journal
+        matches [{ "_TRANSPORT": "kernel" }]
+        read_from_head true
+
+        <entry>
+          fields_strip_underscores true
+          fields_lowercase true
+        </entry>
+      </source>
+
      <filter kubernetes.**>
        @type kubernetes_metadata
      </filter>
@ -155,22 +161,6 @@ conf:
        </record>
      </filter>

-      <filter kernel>
-        @type record_transformer
-        <record>
-          hostname "#{ENV['NODE_NAME']}"
-          fluentd_pod "#{ENV['POD_NAME']}"
-        </record>
-      </filter>
-
-      <filter auth>
-        @type record_transformer
-        <record>
-          hostname "#{ENV['NODE_NAME']}"
-          fluentd_pod "#{ENV['POD_NAME']}"
-        </record>
-      </filter>
-
      <match fluent.**>
        @type null
      </match>