Limiting scope of Elasticsearch logging

Rancher Version: 2.4.5

I am looking for a method to limit the number of logs being sent to Elasticsearch to simply the pods. Recently I enabled the default settings from our cluster, which resulted in 600GB of data being sent to Elasticsearch every 30 minutes, which, as you can imagine, is not helpful and is harmful to the network.

Limiting to pod logs, which I am most concerned about, and/or just finding a way not to send anything and everything to ES would be great.

Thank you

Quick update.

Unchecking the box for System Logs does help with the volume, but only a very small amount. After that, I was still seeing the cluster sending Elasticsearch more than 1 million records in the span of three minutes, which is still far too much to be of any use for a cluster of this size.

I'm thinking my answer lies in the Additional Logging Configuration section but I can find no documentation regarding this section. It contains some information which is in relation to my cluster and some point to IP addresses that are not.

Is there any documentation regarding Additional Logging Configuration anywhere?