After completing this section, you should know how to view application logs in Kibana, navigate the list of fields, and create/save queries.
We will setup a sample application that will produce a log entry every 5 seconds.
oc -n [-dev] new-app --name logging-app \
--context-dir=openshift-201/materials/logging \
https://github.com/BCDevOps/devops-platform-workshops
You should see output similar to the follow:
...output omitted...
imagestream.image.openshift.io "logging-app-jmacdonald" created
buildconfig.build.openshift.io "logging-app-jmacdonald" created
deployment.apps "logging-app-jmacdonald" created
service "logging-app-jmacdonald" created
--> Success
...output omitted...
Use the oc -n [-dev] logs command to check the build logs from the logging-app build:
oc -n [-dev] logs -f bc/logging-app...output omitted... Writing manifest to image destination Storing signatures ...output omitted... Push successful
You can access Kibana directly at this url or it is also accessible from the OpenShift console.
Note: If you receive an unauthorized error (e.g. {"statusCode":401,"error":"Unauthorized","message":"Authentication Exception"}), follow steps here to fix: https://stackoverflow.developer.gov.bc.ca/a/119/16
Select the running pod that was just created:
Navigate to the Logs tab and click the Show in Kibana link
If this is your first time logging in to Kibana you may see a screen to setup a search index. See the steps in the Logging and Visualizations 101 lab here.
To view logs click on the Discover tab on the left navigation pane.
By default you will see something like this:
- Index Pattern you created above.
- Fields selected to show (
_sourceis selected by default) - Available Fields to add to your display
- Log entries that match the filter, search, etc.
- Current activity given the time frame chosen
- Search bar used to search for specific entries
- Time frame chosen for the logs shown (default is last 15 minutes)
Let's select 2 fields for viewing from the Available fields panel on the left.
kubernetes.container_name- this is the name of the container running in kubernetes. This should belogging-appmessage- is the message from our application
Your screen should look similar to following:
Let's say we are only interested in the messages with the number 10 in them. Change the search terms to be the following:
kubernetes.container_name:"logging-app" AND message:10
NOTE if you aren't seeing results it may have been more than 15 minutes since the entry with the number 10 was logged. If so, change the timeframe in the upper right corner to Last 30 minutes or higher if needed.
Notice Kibana highlights your search term.
If you want to save your query (including the selected fields) click the save button at the top.
If you plan on doing a Google type search you can use a query. If you are selecting a possible value from a drop down like the kubernetes.container_name it can be faster to use a filter.
Clear out the text in your search bar and then click the Add a filter + button just below the search bar:
Choose the kubernetes.container_name for the field, is as the operator and logging-app as the value and then click save.
You should now only see your entries in the list similar to the query we performed above. You can also save this filter by clicking the save button at the top just like we did with the query.
There are many fields available to choose from. Feel free to experiment with adding other fields to your results. For example you could add the kubernetes.container_image to your list if you are interested in looking at which version of the app the logs are from.
The queries we did in this lab are pretty simple. Take a look at the Kibana Query Language for more information on how to write complex queries.
To clean up the lab environment run the following command to delete all of the resources we created:
oc -n [-dev] delete all -l app=logging-app
deployment.apps "logging-app" deleted
buildconfig.build.openshift.io "logging-app" deleted
imagestream.image.openshift.io "logging-app" deletedNext topic - Best Practices of Image Management