FluentBit
groundcover automatically collects all logs within your Kubernetes cluster streamed via Standard Output (stdout) using our proprietary eBPF sensor, requiring no setup. However, if your organization stores logs in files, either within Kubernetes or outside, or if you want to pass logs from non-Kubernetes entities, you can use FluentBit to send these logs to groundcover.
Setting metadata
While not required, it is suggested to set metadata attributes to be recognized by groundoover.
env_name
Will associate the log with an environment in groundcover. Read more
clusterId
Will associate the log with a cluster in groundcover.
host.name
Will appear as the logs' hostname
gc_source_type
will appear the source of the type of the logs. . Can be any value of your choosing. For example, logs from Kubernetes clusters are marked as 'k8s'
service.name
Will appear as the name of the workload that created the log.
Configuring the output stage
Setup instructions depend on whether your logs are stored in a Kubernetes or non-Kubernetes cluster.
Finding the OTEL endpoint of the inCloud backend
The following example will use FluentBit's OpenTelemetry Exporter to send logs to your inCloud's endpoint.
For more instructions on finding your inCloud endpoint and apikey, see these docs.
Configuring an output stage
Add the following code to your Fluent Bit configuration to start sending logs to groundcover:
[OUTPUT]
Name http
Match *
Host {inCloud_Site}
Port 443
Tls On
Tls.verify On
URI /json/logs
Json_date_key timestamp
Json_date_format iso8601
Header apikey {ingestion-key}Last updated