Container, Node, Cluster Events, and Application logs

Gather logs from your Applications running on k8s

In the previous examples, we've shown you how to gather specific log types of your Kubernetes cluster. With observIQ, you can also enable all 3 log types, and add a Source to your template as well. Follow the below steps:

1) Create a Template

Navigate to the Fleet > Template page and click Add Template


Select Kubernetes as the Platform, fill in a Template Name and Cluster Name, then select each of the logging/event options and click 'Create'.


2) Add a Source to your Template

On the Template > [Template Name] page, click Add Source.


On the Choose Source Type page, select a Source that's running on Kubernetes that'd you like to gather logs from, such as NGINX.


Then fill out the Required Source configuration parameters, and click Create


3) Deploy observIQ Agent with observiq-agent.yaml

On the Template > [Template Name] page, click Add Agents.


On the Install Kubernetes Agents page, copy or download the observiq-agent.yaml, and use the provided kubectl command to deploy to your cluster.


After a few minutes, return to your Template. You'll see the Agents deployed to your Cluster, one for each Node (deployed as a Daemonset), as well as an additional Agent deployed as a Cluster Event collector.


3) Explore your logs

Return to the Explore page, you'll now see Container, Node, Cluster Events logs, as well logs from your specific application flowing to observIQ!


[oiq] NGINX - Overview

Additionally, because you selected all 3 options, and have added NGINX as a Source to your Template, you'll have the [oiq] NGINX - Overview, [oiq] k8s - Overview, and [oiq] k8s Cluster Events - Overview Dashboards deployed to your account automatically.


[oiq] k8s - Overview


[oiq] k8s Cluster Events - Overview