堆栈内存溢出
  简体   繁体   English

Azure日志分析不会在Azure Kubernetes服务上检索NGINX入口的日志

[英]Azure Log Analytics don't retrieve log of NGINX Ingress on Azure Kubernetes Service

 原文  2018-11-07 13:56:09       nginx/ azure-log-analytics/ azure-kubernetes

问题描述

I am new to Kubernetes and NGINX Ingress on Microsoft Azure. 我是Microsoft Azure上的Kubernetes和NGINX Ingress的新手。 I got an issue about analyzing log of NGINX Ingress. 我遇到了有关分析NGINX Ingress日志的问题。

Here is the log in my NGINX Ingress pods: 这是我的NGINX Ingress窗格中的日志: 

duc@Azure:~$ kubectl logs ducphuongkhang-ingress-nginx-ingress-controller-869b8b966-877bq -n kube-system | grep 'lua'

2018/11/06 16:36:55 [warn] 961#961: *10059 [lua] log.lua:52: {"timestamp":1541522215,"method":"GET","uri":"\/vulnerabilities\/sqli\/","id":"dba39b7d7dc8646b779e","client":"10.244.0.1","alerts":[{"match":1,"msg":"SQL String Termination","id":41003},{"match":1,"msg":"SQL probing attempt","id":41032},{"logdata":8,"match":8,"msg":"Request score greater than score threshold","id":99001}]} while logging request, client: 10.244.0.1, server: dvwa.thesis.analyticsvn.com, request: "GET /vulnerabilities/sqli/?id=%27&Submit=Submit HTTP/2.0", host: "dvwa.thesis.analyticsvn.com", referrer: "https://dvwa.thesis.analyticsvn.com/vulnerabilities/sqli/?id=1%3D1&Submit=Submit"
2018/11/06 16:37:02 [warn] 961#961: *10059 [lua] log.lua:52: {"timestamp":1541522222,"method":"GET","uri":"\/vulnerabilities\/sqli\/","id":"4ac4e0dfe317dcd86346","client":"10.244.0.1","alerts":[{"match":1,"msg":"SQL String Termination","id":41003},{"match":1,"msg":"SQL probing attempt","id":41032},{"logdata":8,"match":8,"msg":"Request score greater than score threshold","id":99001}]} while logging request, client: 10.244.0.1, server: dvwa.thesis.analyticsvn.com, request: "GET /vulnerabilities/sqli/?id=%27&Submit=Submit HTTP/2.0", host: "dvwa.thesis.analyticsvn.com", referrer: "https://dvwa.thesis.analyticsvn.com/vulnerabilities/sqli/?id=1%3D1&Submit=Submit"
2018/11/06 16:37:02 [warn] 961#961: *10059 [lua] log.lua:52: {"timestamp":1541522222,"method":"GET","uri":"\/vulnerabilities\/sqli\/","id":"d0eae7d54dc99773ecc0","client":"10.244.0.1","alerts":[{"match":1,"msg":"SQL String Termination","id":41003},{"match":1,"msg":"SQL probing attempt","id":41032},{"logdata":8,"match":8,"msg":"Request score greater than score threshold","id":99001}]} while logging request, client: 10.244.0.1, server: dvwa.thesis.analyticsvn.com, request: "GET /vulnerabilities/sqli/?id=%27&Submit=Submit HTTP/2.0", host: "dvwa.thesis.analyticsvn.com", referrer: "https://dvwa.thesis.analyticsvn.com/vulnerabilities/sqli/?id=1%3D1&Submit=Submit"
2018/11/06 16:37:03 [warn] 961#961: *10059 [lua] log.lua:52: {"timestamp":1541522223,"method":"GET","uri":"\/vulnerabilities\/sqli\/","id":"be18d7e7800e86789d5d","client":"10.244.0.1","alerts":[{"match":1,"msg":"SQL String Termination","id":41003},{"match":1,"msg":"SQL probing attempt","id":41032},{"logdata":8,"match":8,"msg":"Request score greater than score threshold","id":99001}]} while logging request, client: 10.244.0.1, server: dvwa.thesis.analyticsvn.com, request: "GET /vulnerabilities/sqli/?id=%27&Submit=Submit HTTP/2.0", host: "dvwa.thesis.analyticsvn.com", referrer: "https://dvwa.thesis.analyticsvn.com/vulnerabilities/sqli/?id=1%3D1&Submit=Submit"

And here is my Azure Analytics Log query, which return no value: 这是我的Azure Analytics Log查询,该查询没有返回值: 

ContainerLog | where LogEntry contains "lua"

I want to collect logs that generated by NGINX Ingress (with lua-resty-waf enable) with Azure Log Analytics. 我想使用Azure Log Analytics收集NGINX Ingress生成的日志(启用lua-resty-waf)。 Please help me to get there. 请帮助我到达那里。

Thank you. 谢谢。

1 个解决方案

解决方案1
 0  2018-11-08 18:24:39

After doing the research, I found out that the Azure Log Analytics with OMS Agent in Kubernetes don't support to collect data in the namespace 'kube-system'. 经过研究,我发现Kubernetes中的带OMS代理的Azure日志分析不支持在名称空间“ kube-system”中收集数据。 Deploy the Ingress in another namespace will allow the Log Analytics to collect log. 将Ingress部署在另一个名称空间中将允许Log Analytics收集日志。

Reference: https://github.com/Azure/AKS/issues/293 参考: https : //github.com/Azure/AKS/issues/293 

$ kubectl describe deployments omsagent-rs -n kube-system
Pod Template:
  Labels:           rsName=omsagent-rs
  Annotations:      agentVersion=1.6.0-42
                    dockerProviderVersion=2.0.0-3
  Service Account:  omsagent
    Environment:
      DISABLE_KUBE_SYSTEM_LOG_COLLECTION:  true

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 用于Azure Kubernetes Service 502错误网关的Nginx入口控制器 - nginx-ingress controller for Azure Kubernetes Service 502 Bad Gateway kubernetes nginx入口日志未显示外部ips - kubernetes nginx ingress log not displaying external ips 使用 Azure 在 Kubernetes 中创建 NGINX 入口控制器 - Create an NGINX ingress controller in Kubernetes, using Azure 将所有 TCP 和 UDP 端口从负载均衡器转发到 Azure Kubernetes 服务上的 nginx 入口 - Forward all TCP and UDP ports from load balancer to nginx ingress on Azure Kubernetes Service Deploying.Net Core WebApi Docker Image to Azure Kubernetes Service using Nginx Ingress Controller - Deploying .Net Core WebApi Docker Image to Azure Kubernetes Service using Nginx Ingress Controller Configuring Static IP address with Ingress Nginx Sticky Session on Azure Kubernetes - Configuring Static IP address with Ingress Nginx Sticky Session on Azure Kubernetes 在 Nginx 上配置 TCP 端口 Azure Z30136395F018797812198317C 上的入口 - Configure TCP Port on Nginx Ingress on Azure Kubernetes Cluster (AKS) NGINX控制器安装在Azure Kubernetes服务上 - NGINX controller install on Azure Kubernetes service nginx 入口控制器无法访问后端服务? - nginx ingress controller don't reach backend service? Kubernetes nginx 入口找不到后端服务 - Kubernetes nginx ingress cannot find backend service
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM