Logging

The Digital Enterprise Suite (DES) and Digital Distributed Container (DDC) logging can be configured to integrate with a centralized logging system or a Security Information and Event Manager (SIEM).

Log Sources

Three different components of the DES and DDC emits logs that are routed on the standard output of the pod. Kubernetes is normally configured to route those logs toward a system capable of archiving them and analyzing them.

Application Logs

Application logs are at the application layer and each function of the pod output relevant information about the processing at different levels (info, warning, error, ...). Those logs are recommended to be on to properly audit and diagnose problems that may occur at runtime. They will contain for instance software error stack trace when a processing error occurs.

Application logs are turned on by default and can be turned off by setting the helm variable logging.app to false.

--set logging.app=false

Events Logs

Events logs are at the Asynchronous Events layer and log the basic information contained into emitted messages. These logs are recommended to be on unless a console emitter is configured to have better control on which events are logged.

Events logs are turned on by default and can be turned off by setting the helm variable logging.access to false.

--set logging.events=false

Access Logs

Access logs are at the web transport layer and will output requests and response information for all calls being made to the pod. Depending on your ingress strategy, those logs could be duplicated from your ingress log and you may want to consider turning them off.

Access logs are turned on by default and can be turned off by setting the helm variable logging.access to false.

--set logging.access=false

Log Format

The log format can be controlled using the logging.type helm variable. By default, the CONSOLE format will be used but other formats are supported.

To change the format, set the helm variable according to the desired format.

--set logging.type=<TYPE>

Type	Description
CONSOLE	Logs are formatted to be human readable. This is the default value. This format is the easiest to read for a human but the most complex to parse by a system.
NONE	No logs are sent to the standard output.
JSON	Logs are formatted using the JSON Lines format (one JSON object per line) using agnostic JSON keys.
GCP	Logs are formatted using the JSON Lines format (one JSON object per line) using JSON keys aligned with the Google Cloud Platform (GCP) recommended keys for Cloud Logging.
AWS	Logs are formatted using the JSON Lines format (one JSON object per line) using JSON keys aligned with the Amazon Web Service (AWS) recommended keys for Cloud Watch.

Type

Description

CONSOLE

Logs are formatted to be human readable. This is the default value. This format is the easiest to read for a human but the most complex to parse by a system.

NONE

No logs are sent to the standard output.

JSON

Logs are formatted using the JSON Lines format (one JSON object per line) using agnostic JSON keys.

GCP

Logs are formatted using the JSON Lines format (one JSON object per line) using JSON keys aligned with the Google Cloud Platform (GCP) recommended keys for Cloud Logging.

AWS

Logs are formatted using the JSON Lines format (one JSON object per line) using JSON keys aligned with the Amazon Web Service (AWS) recommended keys for Cloud Watch.