Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support Windows container FluentBit querying Windows event logs #2290

Closed
inosvaruag opened this issue Jun 23, 2020 · 6 comments
Closed

Support Windows container FluentBit querying Windows event logs #2290

inosvaruag opened this issue Jun 23, 2020 · 6 comments
Labels
Stale

Comments

@inosvaruag
Copy link

Is your feature request related to a problem? Please describe.
FluentBit currently only runs as a service or local process. It cannot be used as a container on Windows and get the underlying VM's logs.

Describe the solution you'd like
Allow FluentBit to accept credentials and login to the underlying host for getting access to logs - event logs, files, etc. WMI Remoting, Powershell remoting, CIM sessions, etc. could be used for establishing this connection.

Describe alternatives you've considered
There is no way of running FluentBit to get underlying VM's logs.
@fujimotos
Copy link
Member

FluentBit currently only runs as a service or local process. It cannot be used as a container on Windows and get the underlying VM's logs.

@inosvaruag This is already (partly) possible.

The common solution is to map the log directory of the host machine
to the guest containers. For example, if you're running a k8s container
on Windows host, you can add the following in deployment.yaml:

volumes:
- name: k            # /k/ for kubelet.err.log
  hostPath: 
    path: /k/
- name: varlog       # /var/log/ for conteiner logs
  hostPath:
    path: /var/log/
- name: progdata     # You need this to resolve symlinks in /var/log
  hostPath:
    path: /ProgramData/

With this configuration, the guest can see the host log (e.g.
C:\k\kubelet.err.log), and can easily transfer the data.

The Event Log part is not possible as of now, and indeed a bit tricky.
Since the guest might not have relevant DLLs to reconstruct an
event record, it is not well positioned for that task.

We can have more detailed discussion if you can share your
background situation and requirement.

@inosvaruag
Copy link
Author

@fujimotos - yes I'm aware that FluentBit can be used to fetch file logs by mounting a container.

This feature request is more about adding event log support for containerized FluentBit

@inosvaruag inosvaruag changed the title Support Windows containers for FluentBit Support Windows container FluentBit querying Windows event logs Jul 17, 2020
@inosvaruag
Copy link
Author

I've opened an identical request on FluentD's eventlog plugin - fluent/fluent-plugin-windows-eventlog#65.

It would be great to see similar support in FluentBit.

@github-actions
Copy link
Contributor

github-actions bot commented May 7, 2021

This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.

@github-actions github-actions bot added the Stale label May 7, 2021
@github-actions
Copy link
Contributor

This issue was closed because it has been stalled for 5 days with no activity.

@canob
Copy link

canob commented Aug 15, 2023

This feature looks like a MUST for Fluentbit Windows Container to collect Windows Logs, :(

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Stale
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@inosvaruag @fujimotos @canob