Elasticsearch

You can configure Rancher to send logs from your cluster or project to your instance of Elasticsearch.

• Browse to the cluster or project that you want to log.

To Configure Cluster Logging:

If you’re a cluster owner or member who works in operations or security, configure cluster logging.

• From the Global view, open the cluster that you want to configure logging for.

• From the main menu, select Tools > Logging.

To Configure Project Logging:

• From the Global view, open the project that you want to configure logging for.

• Select Elasticsearch.

• Complete the Elasticsearch Configuration form.

  • From the Endpoint field, enter the IP address and port for your Elasticsearch instance. You can copy this information from the dashboard of your Elasticsearch deployment. Elasticsearch usually uses port .

  • If you are using , enter your Elasticsearch Username and Password for authentication.

  • Enter an Index Pattern.

You can use either a self-signed certificate or one provided by a certificate authority.

You can generate a self-signed certificate using an openssl command. For example:

• Enter your private key password.

• If you are using a certificate from a certificate authority (and not a self-signed certificate), select the Enabled - Input trusted server certificate option and then enter your Trusted Server Certificate.

• Complete the Additional Logging Configuration form.

  • Optional: Use the Add Field button to add custom log fields to your logging configuration. These fields are key value pairs (such as foo=bar) that you can use to filter the logs from another system.

Result: Rancher is now configured to send cluster and container logs to Elasticsearch. Log into Elasticsearch or Kibana to view your cluster/project logs.