K8s & Edge
Check out this demo to see how you can monitor Kubernetes (K8S) easily AND quickly with Cribl Edge, Cribl’s intelligent agent for IT and security. And see how simple it can be to route, store, and search that data, or ANY data, using Lake and Search.
Ready to dig in?
New to Cribl? Click the 'Tell me more' button below to learn more about the Cribl suite of products and how they work together to form a powerful Data Engine for IT and Security your data.
Not so new? Or just impatient? Click "Start Demo" and let's route!
Kubernetes and Cribl Edge
Check out this demo to see how you can monitor Kubernetes (K8S) easily AND quickly with Cribl Edge, Cribl’s intelligent agent for IT and security. And see how simple it can be to route, store, and search that data, or ANY data, using Lake and Search.
Using Edge
First, we'll navigate to Edge by clicking Manage.
Living on the Edge
We are in our Point of Sale (POS) application Fleet. Fleets are how Edge nodes are organized for configuration management.
If we want to monitor Kubernetes, we can install the Edge agent as a daemonset. The nodes UI gives us a convenient script with a helm chart we can deploy to get up and running fast. We can copy the script and run this in Kubernetes.
Checking In
After running the script and a short wait, our Edge agent on K8S is checking in and ready to collect and route data.
Plumbing It Up
In the Quick Connect interface, we can get our Edge Sources routed out to our Destinations by just dragging the plus sign on the source on the left across to the Destination on the right.
Our collected Kubernetes data is routed to Cribl Stream via an included Cribl HTTP Destination. We could apply a data Pipeline to our Edge connection here, but in cases where we have a lot of data that might need a lot of processing like K8S, we can instead have Stream do the hard work. You can choose!
Reduce the Noise
Kubernetes data is quite verbose and can be optimized. Pipelines can reduce, enrich, and format the data. Let’s look at an example with Kubernetes event logs.
This simple Pipeline on the left does renaming and field removal to make logs lower volume AND easier to read.
The Before
Here is a sample of our the data looks on the way in before our Pipeline is applied ...
The Result
… and here’s the after! These logs are optimized by about 90% and are infinitely more user friendly.
With the data able to be optimized, let’s get it sent to Cribl Lake for storage and searching.
Easy to Setup, Easy to Use
We’ve set up a Lake Destination for each of our different log types. Here’s the one for Kubernetes events. We can customize the retention to suit our compliance and analytics needs.
Lake provides a simple and fully managed service that eliminates the hassle of other options. And it works seamlessly with other Cribl services. Store the data however and as long as you like. Let's take a look at the Stream Routes to see how to do it.
Get It There
In Stream, we configure our data Routes to take a Source, apply a Pipeline if desired, and send it to any Destination.
Take a look at the K8S Events to Lake Route. It’s coming from our Cribl HTTP source from Edge. The Filter expression looks for a field we added called ‘logtype’ to work on certain events. We’ve applied our optimization Pipeline, and the matching data will land in our events Lake Destination. Once it's there, we can use Cribl Search for analysis.
Searching It
Let’s look at another K8S dataset - our application logs. These can be difficult to get out of K8S; with Cribl, it’s just a few clicks. Creating a Lake destination also creates a Cribl Search Dataset. We’ve navigated over to Search and can run queries against it.
Here’s a basic search using the namespace field to filter down to our “Point of Sale” (POS) logs. Our data is in the Lake but we can Search it anytime.
Not Just Ad Hoc
Search can do more than just manual analytics. Check out this dashboard for our app logs. We can get detailed and current information about our data. And that's not all; we can do alerts, scheduled searches, and more!
Starting From the Edge
Using Cribl to help monitor Kubernetes gets you up and running fast and with fewer clicks. With easy to use deployments, tools to help optimize and organize data, and analytics capabilities that tie it all together, we hope you’ll try out the Cribl suite to give you the ultimate choice, control, and flexibility for your data challenges.
Feel free to shedule a demo or try cribl by clicking on either.
Schedule a demoTry Cribl