Skip to content

Infrastructure monitoring

Log collection

Default installation collects Kubernetes logs.

Kubernetes events

Kubernetes events provide a rich source of information. These objects can be used to monitor your application and cluster state, respond to failures, and perform diagnostics. The events are generated when the cluster's resources—such as pods, deployments, or nodes—change state.

Whenever something happens inside your cluster, it produces an events object that provides visibility into your cluster. However, Kubernetes events don't persist throughout your cluster lifecycle, as there's no mechanism for retention. They're short-lived and only available for one hour after the event is generated.

With that in mind we're configuring an OpenTelemetry receiver to collect Kubernetes events and ship them to the kube-events subSystem so that you can leverage all the other features such as dashboard and alerting using Kubernetes events as the source of information.

On the OpenTelemetry config, you will find a new pipeline named logs/kube-events, which is used to collect, process, and export the Kubernetes events to Coralogix.

Cleaning the data

By default, there's a transform processor named transform/kube-events which is removing some unneeded fields, but feel free to override this and add back some fields or even remove fields that are not needed at all on your specific use case.

Filtering events

On large-scale environments, you may have hundreds or even millions of events per hour, and maybe you don't need all of them, with that in mind you can leverage another OpenTelemetry processor to filter the events and don't send it to Coralogix, below you can find a config sample.

processors:
  filter/kube-events:
    logs:
      log_record:
        - 'IsMatch(body["reason"], "(BackoffLimitExceeded|FailedScheduling|Unhealthy)") == true'

This configuration is filtering out any event that has the field reason with one of those values BackoffLimitExceeded|FailedScheduling|Unhealthy, for more information about the filter processor feel free to check the official documentation here.

Was this helpful?
Previous Filtering and Reducing Costs
Next Integration Presets
Home
User Guides
DataPrime
Integrations
OpenTelemetry
Developer Portal