forked from pivotal-cf/docs-pks
-
Notifications
You must be signed in to change notification settings - Fork 0
/
_logging.html.md.erb
28 lines (23 loc) · 1.69 KB
/
_logging.html.md.erb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
You can designate an external syslog endpoint for forwarded BOSH-deployed VM logs.
In addition, you can enable sink resources to collect PKS cluster and namespace log messages.
To configure logging in PKS, do the following:
1. Click **Logging**.
1. To enable syslog forwarding for BOSH-deployed VM logs, select **Yes**.
![Enable syslog forwarding](images/logging.png)
1. Under **Address**, enter the destination syslog endpoint.
1. Under **Port**, enter the destination syslog port.
1. Select a transport protocol for log forwarding.
1. (Optional) Pivotal strongly recommends that you enable TLS encryption when forwarding logs as they may contain sensitive information. For example, these logs may contain cloud provider credentials. To enable TLS, perform the following steps:
1. Under **Permitter Peer**, provide the accepted fingerprint (SHA1) or name of remote peer. For example, `*.YOUR-LOGGING-SYSTEM.com`.
1. Under **TLS Certificate**, provide a TLS certificate for the destination syslog endpoint.
<p class="note"><strong>Note</strong>: You do not need to provide a new certificate if the TLS certificate for the destination syslog endpoint is signed by a Certificate Authority (CA) in your BOSH certificate store.
</p>
<% if current_page.data.iaas == "vSphere" || current_page.data.iaas == "vSphere-NSX-T" %>
1. <%= partial 'vrealize-logs' %>
<% else %>
1. To enable clusters to drain Kubernetes API events and pod logs to sinks using `syslog://`, select **Enable Sink Resources**.
For more information about using sink resources,
see [Creating Sink Resources](create-sinks.html).<br>
<img src="images/sink-resource.png" width="320" alt="Enable sink resource checkbox">
1. Click **Save**.
<% end %>