如何使用 kql 查询查找哪个 pod 在 AKS 集群中摄取更多数据?
[英]How to find which pod is taking more data ingestion in AKS cluster using kql query?
问题描述
I am trying to figure out which pod is producing more billable data ingestion in AKS for log analytics.
我试图找出哪个 pod 在 AKS 中产生更多的计费数据摄取以进行日志分析。
I tried several queries and I found only a query that checks the particular node我尝试了几个查询,但只发现一个检查特定节点的查询
Is there any query to check the whole pod data ingestion per namespace to find out billable data ingestion?是否有任何查询来检查每个命名空间的整个 pod 数据摄取以找出计费数据摄取?
Thank you?谢谢?
1 个解决方案
解决方案1
0 2022-04-22 07:51:19
The default query shows logs per container, and not per pod as you would expected from a Kube.netes-specific logging system.默认查询显示每个容器的日志,而不是像您期望的 Kube.netes 特定日志系统那样显示每个 pod。
You can use below KQL query in Log Analytics Workspace -> View Designer -> click on logs button in the header->Logging AKS Test->Container Log.您可以在 Log Analytics 工作区 -> 视图设计器 -> 单击标题中的日志按钮 -> 记录 AKS 测试 -> 容器日志中使用以下 KQL 查询。
let startTimestamp = ago(1h);
KubePodInventory
| where TimeGenerated > startTimestamp
| project ContainerID, PodName=Name
| distinct ContainerID, PodName
| join
(
ContainerLog
| where TimeGenerated > startTimestamp
)
on ContainerID
// at this point before the next pipe, columns from both tables are available to be "projected". Due to both
// tables having a "Name" column, we assign an alias as PodName to one column which we actually want
| project TimeGenerated, PodName, LogEntry, LogEntrySource
| order by TimeGenerated desc
For more information please refer this Document有关更多信息,请参阅此文档
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.