IBM Cloud Docs
Logging for IBM Cloud Kubernetes Service

Logging for IBM Cloud Kubernetes Service

IBM Cloud services, such as IBM Cloud Kubernetes Service, generate platform logs that you can use to investigate abnormal activity and critical actions in your account, and troubleshoot problems.

You can use IBM Cloud Logs Routing, a platform service, to route platform logs in your account to a destination of your choice by configuring a tenant that defines where platform logs are sent. For more information, see About Logs Routing.

You can use IBM Cloud Logs to visualize and alert on platform logs that are generated in your account and routed by IBM Cloud Logs Routing to an IBM Cloud Logs instance.

As of 28 March 2024, the IBM Log Analysis service is deprecated and will no longer be supported as of 30 March 2025. Customers will need to migrate to IBM Cloud Logs before 30 March 2025. During the migration period, customers can use IBM Log Analysis along with IBM Cloud Logs. Logging is the same for both services. For information about migrating from IBM Log Analysis to IBM Cloud Logs and running the services in parallel, see migration planning.

Locations where logs are generated

IBM Cloud Kubernetes Service logs are generated in all regions.

Locations where logs are sent to IBM Log Analysis

IBM Cloud Kubernetes Service sends logs to IBM Log Analysis in all regions.

Locations where logs are sent by IBM Cloud Logs Routing

IBM Cloud Kubernetes Service sends logs by IBM Cloud Logs Routing in all regions.

Logs that are generated

Logs are generated and written locally for all the following IBM Cloud Kubernetes Service cluster components: worker nodes, containers, applications, persistent storage, Ingress application load balancer, Kubernetes API, and the kube-system namespace.

A logging agent collects logs with the extension *.log and extensionless files that are stored in the /var/log directory of your pod from all namespaces, including kube-system. The agent then forwards the logs to your service instance. You can also track user-initiated administrative activity made in your cluster. Kubernetes Service automatically generates cluster management events and forwards these event logs to IBM Cloud Logs. For more information, see Getting started with IBM Cloud Logs.

To deploy a logging agent to your cluster, see Managing the Logging agent for Red Hat OpenShift on IBM Cloud clusters or Managing the Logging agent for IBM Cloud Kubernetes Service clusters.

Enabling logging

To enable logging for your cluster, connect your cluster to a logging service instance that exists in your IBM Cloud account. You can enable logging in existing clusters, or during cluster create time. The logging service instance must belong to the same IBM Cloud account where you created your cluster, but can be in a different resource group and IBM Cloud region than your cluster.

Note that a cluster can only be connected to one logging service instance at a time. You can change which logging service instance a cluster is connected in to in the console by disconnecting the cluster from one instance and then connecting to a different instance.

Enable logging in an existing cluster

  1. If you do not already have a logging service instance in your account, create one.
  2. In the console, navigate to the cluster resource page and click on the relevant cluster.
  3. Under Integrations, find the logging option and click Connect.
  4. Select the logging service instance you want to connect to your cluster. If you have more than one logging service instance, you can filter them by the region they were created in.
  5. Click Connect.

Enable logging while creating a cluster

  1. If you do not already have a logging service instance in your account, create one.
  2. In the cluster create UI, configure you cluster as required.
  3. In the Observability integrations section, enable the Logging option.
  4. Select the instance you want to connect to your cluster.
  5. Continue configuring the cluster.

Viewing logs

To view your logs, navigate to your cluster resource page in the console and click on the relevant cluster. In the Integrations section, find the Logging option and click Launch. A separate window opens where you can view your cluster logs.

Launching IBM Cloud Logs from the Observability page

For more information about launching the IBM Cloud Logs UI, see Launching the UI in the IBM Cloud Logs documentation.

Fields by log type

For information about fields included in every platform log, see Fields for platform logs.

Log record fields
Field Type Description
logSourceCRN Required Defines the account and flow log instance where the log is published.
saveServiceCopy Required Defines whether IBM saves a copy of the record for operational purposes.

Line identifiers by type

Log record fields
Identifier Description
Source The service the logs are sent from.
App The CRN of the component or service that sent the log.

Analyzing IBM Cloud Kubernetes Service logs

You can view your logs to view details on events that affect your cluster components. For example, in the event of a pod failure you can view your logs in the dashboard to see related error messages.

Migrating from Log Analysis and Activity Tracker to Cloud Logs

Log Analysis and Activity Tracker are deprecated and support ends on 28 March 2025. For more details about the deprecation, including migration steps, see Migrating to Cloud Logs.

You need to migrate if your clusters are using the deprecated logging agent.

Also, the observability CLI plug-in ibmcloud ob and the v2/observe endpoints are deprecated and support ends on 28 March 2025. You can now manage your logging and monitoring integrations from the console or through the Helm charts.

Check if your clusters are using the deprecated agent.

  1. Run the following command. If a logging config is returned, you must migrate your existing Log Analysis and Activity Tracker instances to Cloud Logs instances.
    ibmcloud ob logging config ls --cluster <cluster>
  2. The Cloud Logs service has provided migration guides for moving your instances. For more information, see Migrating instances.

Enabling your clusters to use your Cloud Logs instance

After you’ve migrated your Log Analysis and Activity Tracker instances to Cloud Logs, you must enable your clusters to use the new instances.

You can migrate your clusters from the Console or by using the CLI.

Enabling Cloud Logs in the console

  1. From the cluster dashboard, disable Log Analysis and Activity Tracker.
  2. Enable the Cloud Logs integration.

Enabling Cloud Logs in the CLI

  1. Delete your deprecated logging config.

    ibmcloud ob logging config delete --cluster INSTANCE --instance INSTANCE

  2. Enable the Cloud Logs Helm chart in your cluster. For more information, see the following links