After deploy splunk-connect-for-k8s 1.3, I saw lots of warning msg from splunk-splunk-kubernetes-logging:
2020-02-19 02:50:09 +0000 [warn]: #0 [containers.log] /var/log/containers/splunk-splunk-kubernetes-logging-4wqnj_default_splunk-fluentd-k8s-logs-e403ac1d989b252566536f844f3817ac9334ac1dbc80bbfeda04fb063dac65a8.log unreadable. It is excluded and would be examined next time.
it seems all of the pods logs are skipped and unreadable, I can find them under /var/log/containers, but they are softlinks.
Not sure if this caused any issues. K8s cluster is deployed by kubespray.