I have integrated splunk with ocp and able to see the logs on openshift openshiftlab1_logging but not on openshiftlab1_metrics openshiftlab1_objects.Could any one let me know the issue in the file.
global:
logLevel: info
journalLogPath: /run/log/journal
splunk:
hec:
host: 10.133.8.98
port: 8088
token: 36698f4f-db56-45b8-8bf3-cc0d12ab433
protocol: http
indexName: openshift
insecureSSL: true
#clientCert:
#clientKey:
#caFile:
kubernetes:
clusterName: "openshiftlab"
openshift: true
splunk-kubernetes-logging:
enabled: true
logLevel: debug
splunk:
hec:
host: 10.133.8.98
port: 8088
token: 36698f4f-db56-45b8-8bf3-cc0d12ab433
protocol: http
indexName: openshiftlab1_logging
insecureSSL: true
#clientCert:
#clientKey:
#caFile:
containers:
logFormatType: cri
logs:
kube-audit:
from:
file:
path: /var/log/kube-apiserver/audit.log
splunk-kubernetes-metrics:
rbac:
create: true
serviceAccount:
create: true
name: splunk-kubernetes-metrics
enabled: true
splunk:
hec:
host: 10.133.8.98
port: 8088
token: 36698f4f-db56-45b8-8bf3-cc0d12ab433
protocol: http
indexName: openshiftlab1_metrics
insecureSSL: true
#clientCert:
#clientKey:
#caFile:
kubernetes:
openshift: true
splunk-kubernetes-objects:
rbac:
create: true
serviceAccount:
create: true
name: splunk-kubernetes-objects
enabled: true
kubernetes:
openshift: true
splunk:
hec:
host: 10.133.8.98
port: 8088
token: 36698f4f-db56-45b8-8bf3-cc0d12ab433
protocol: http
insecureSSL: true
indexName: openshiftlab1_objects
#clientCert:
#clientKey:
#caFile:
objects:
core:
v1:
- name: pods
interval: 30s
- name: namespaces
interval: 30s
- name: nodes
interval: 30s
- name: services
interval: 30s
- name: config_maps
interval: 30s
- name: persistent_volumes
interval: 30s
- name: service_accounts
interval: 30s
- name: persistent_volume_claims
interval: 30s
- name: resource_quotas
interval: 30s
- name: component_statuses
interval: 30s
- name: events
mode: watch
apps:
v1:
- name: deployments
interval: 30s
- name: daemon_sets
interval: 30s
- name: replica_sets
interval: 30s
- name: stateful_sets
interval: 30s