LogSense Blog

See everything, even before it happens.

Kubernetes Logging Techniques with a LogSense Perspective

Sep 24, 2019 7:35:00 AM |     Michael Fishman

The importance of effective, easily understandable logging – especially for software developers, network engineers, and IT leaders – keeps increasing with the development of powerful new applications, troubleshooting challenges, and pressing security demands.

As new, more sophisticated applications are developed and bundled, the convenience of containers is undeniable. For example, in production environments, effective container management can avoid expensive downtime.

Kubernetes Management Platform

Kubernetes is ubiquitous for managing containerized workloads and services. Kubernetes is a name derived from the Greek for "helmsman" or "pilot" and proceeds from Google, which opensourced the project in 2014. Strengthened by new ideas and refined by IT community best practices, Kubernetes is a force, even if it does come with application monitoring challenges.

At a conference in Poland in July, LogSense's Marcin "Perk" Stozek gave a talk on the topic titled, "Kubernetes Logging Techniques with a Touch of LogSense” and it was well received. He explored how our patent-pending LogSense technology makes sense of all Kubernetes logs--regardless of their format or structure.

Apps, of course, may log things as a local file or at a remote location. The use and effectiveness of screening for logging errors will, to an extent, determine complications with multi-line unstructured logs.

Kubernetes provides users with a host of benefits: load balancing, storage orchestration, automated rollout and rollback (e.g., creating new containers), self-healing (by eliminating no-longer-effective containers), or configuration management. All of these application bundles use and depend upon the effectiveness of logging.

Logging Solutions: Native or Independent

Application and systems logs can enable users to understand what is going on inside a particular cluster or bundle of containerized apps (for example, debugging problems and monitoring cluster activity). Applications themselves always have some variety of logging system as do most container drivers. The most widely used logging method for containerized applications is to write to the standard output and standard error streams.

Perk also delved into Docker technology, the platform for developers and systems administrators who develop, ship, and run applications. The Docker process running on the host server manages images and containers. Users must narrow down which storage drivers they can choose, based on the characteristics of their workload and the level of stability they require.

Unfortunately, inherent or "native" functionality found in container engines is not adequate for a complete logging solution. Let's says that a container crashes, a pod is evicted, or a node dies. Most troubleshooters will want to access the application’s logs, which should have separate storage and operation independent of nodes, pods, or containers. Kubernetes, even for all its benefits, does not provide a native storage solution for log data.

State of the Art Logging Solution

The solution is to integrate into your Kubernetes cluster a state-of-the-art logging solution – like LogSense. The LogSense patent-pending AI technology makes sense of log files regardless of what they look like. LogSense transforms unstructured data into structured data. It makes it very easy to create charts and dashboards out of sources that are treated as a plain text by other products.

Whatever is going on "out there"—distributed users, applications, data, performance issues—LogSense simplifies how you collect and analyze data so that you gain deep insights across your full application and infrastructure stack—and it is regardless of where that data resides. Node-level logging, cluster-level logging architecture (including sidecar containers with a logging agent), or logging from applications: LogSense makes it easy to understand what is actually happening in your environment. You can use it to submit any type of log discussed here, and many others, for parsing and analysis. Specific training or agents are not necessary, and there’s no need to write any parsers. In a sense, LogSense makes observability and log management hassle free - and useful!

Going well beyond this, however, LogSense can deal with logs even where the pattern is unknown -- using our patent-pending automated pattern discovery technology. Once parsed (and LogSense does the parsing), those logs are displayed so that the keys can be renamed if required, and so that future logs will be recognized with those keys. The result is immediate availability for charting and alerting based on any criteria that you wish to define.

Whatever your management platform, LogSense makes sense

You may choose Kubernetes for managing your containers and container clusters—or chose some other management system. But at the heart of your IT effectiveness, security, and reliability will be empowering yourself with complete, accessible understanding of log data.

With LogSense, you will invest less (on average 50% less) for higher capacity limits—and you can get started for free – either on our free trial or with our limited-time special offer for just $5/month for the first year if you sign up by September 30. Ready to get started?

New call-to-action



 New call-to-action

Topics: Kubernetes

Want more of the LogSense Blog? You got it.
Subscribe to our newsletter.