Filter DNS logs
Calico Cloud supports filtering out DNS logs based on user provided configuration. Use filtering to suppress logs of low significance.
Configure DNS filtering
DNS log filtering is configured through a ConfigMap in the
To enable DNS log filtering, follow these steps:
- Create a
filtersdirectory with a file named
dnswith the contents of your desired filter using Filter configuration files. If you are also adding flow filters also add the
flowfile to the directory.
- Create the
fluentd-filtersConfigMap in the
tigera-operatornamespace with the following command.
kubectl create configmap fluentd-filters -n tigera-operator --from-file=filters
Filter configuration files
The filters defined by the ConfigMap are inserted into the fluentd configuration file. The upstream fluentd documentation describes how to write fluentd filters. The DNS log schema can be referred to for the specification of the various fields you can filter based on. Remember to ensure that the config file is properly indented in the ConfigMap.
Example 1: filter out cluster-internal lookups
This example filters out lookups for domain names ending with ".cluster.local". More
logs could be filtered by adjusting the regular expression "pattern", or by adding
Example 2: keep logs only for particular domain names
This example will filter out all logs except those for domain names ending