Shipping Kubernetes events

Kubernetes events are a resource type that Kubernetes automatically creates when other resources get state changes, errors, or other messages that should be shared across the system.

This guide uses the kubernetes-event-exporter tool to ship kubernetes events to

Sending logs from nodes with taints

If you want to ship logs from any of the nodes that have a taint, make sure that the taint key values are listed in your in your daemonset/deployment configuration as follows:

- key: 

To determine if a node uses taints as well as to display the taint keys, run:

kubectl get nodes -o json | jq ".items[]|{, taints:.spec.taints}"
Create monitoring namespace
kubectl create namespace monitoring
Store your credentials

Save your shipping credentials as a Kubernetes secret. To do this, customize the sample command below to your specifics and run it.

kubectl create secret generic logzio-events-secret \
  --from-literal=logzio-log-shipping-token='<<LOG-SHIPPING-TOKEN>>' \
  --from-literal=logzio-log-listener='<<LISTENER-HOST>>' \
  -n monitoring
  • Replace <<LISTENER-HOST>> with the host for your region. For example, if your account is hosted on AWS US East, or if hosted on Azure West Europe. The required port depends whether HTTP or HTTPS is used: HTTP = 8070, HTTPS = 8071.
  • Replace <<LOG-SHIPPING-TOKEN>> with the token of the account you want to ship to.
kubectl apply -f
Check for your events

Give your events some time to get from your system to ours, and then open Open Search Dashboards.

If you still don’t see your logs, see Kubernetes log shipping troubleshooting.