Sumo Logic with Logging operator and Fluentd
This guide walks you through a simple Sumo Logic setup using the Logging operator. Sumo Logic has Prometheus and logging capabilities as well; this guide focuses only on the logging part.
Configuration
There are 3 crucial plugins needed for a proper Sumo Logic setup:
- Kubernetes metadata enhancer
- Sumo Logic filter
- Sumo Logic output
Let’s set up the logging first.
GlobalFilters
The first thing we need to ensure is that the EnhanceK8s filter is present in the globalFilters section of the Logging spec.
This adds additional data to the log lines (like deployment and service names).
ClusterFlow
Now we can create a ClusterFlow. Add the Sumo Logic filter to the filters section of the ClusterFlow spec.
It takes the Kubernetes metadata and moves it to a special field called _sumo_metadata.
All the moved fields are sent as HTTP headers to the Sumo Logic endpoint.
Note: As we are using Fluent Bit to enrich Kubernetes metadata, we need to specify the field names where this data is stored.
ClusterOutput
Create a Sumo Logic output secret from the URL.
Finally, create the Sumo Logic output.
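The manifests below put the GlobalFilters, ClusterFlow and ClusterOutput steps together; they are an added example, not the project's own manifests. The resource names (sumologic, sumo, logging-sumo), the secret key sumoURL, the logging namespace and the URL placeholder are assumptions, and the field names should be checked against the CRD version installed in your cluster.

```yaml
# Added example. All names and the URL placeholder are assumptions.
apiVersion: logging.banzaicloud.io/v1beta1
kind: Logging
metadata:
  name: sumologic
spec:
  controlNamespace: logging
  globalFilters:
    - enhanceK8s: {}   # Kubernetes metadata enhancer (deployment, service names)
  fluentd: {}
  fluentbit: {}
---
# The HTTP source URL embeds the collector token, so it is a credential:
# keep it in a Secret (created out of band) and out of version control.
apiVersion: v1
kind: Secret
metadata:
  name: logging-sumo
  namespace: logging
type: Opaque
stringData:
  sumoURL: "<SUMO_HTTP_SOURCE_URL>"   # placeholder, replace with your URL
---
apiVersion: logging.banzaicloud.io/v1beta1
kind: ClusterFlow
metadata:
  name: sumologic
  namespace: logging
spec:
  filters:
    - sumologic:
        source_name: kubernetes
        log_format: fields
        # Field names under which Fluent Bit stores the Kubernetes metadata
        tracing_namespace: namespace_name
        tracing_pod: pod_name
  match:
    - select: {}
  globalOutputRefs:
    - sumo
---
apiVersion: logging.banzaicloud.io/v1beta1
kind: ClusterOutput
metadata:
  name: sumo
  namespace: logging
spec:
  sumologic:
    endpoint:
      valueFrom:
        secretKeyRef: {name: logging-sumo, key: sumoURL}
    source_name: kubernetes
```

Because the output reads the endpoint through secretKeyRef, the URL never appears in the ClusterOutput itself; restrict RBAC read access on the Secret to the operator and the people who manage the collector.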