如何修改fluent-bit的配置，使之不采集指定deloyment的日志。

参考这篇：https://fluentbit.io/documentation/0.13/input/tail.html，添加Exclude_Path
kubectl edit fluentbit -n kubesphere-logging-system fluent-bit

  input:
  - name: fluentbit-input
    parameters:
    - name: Name
      value: tail
    - name: Path
      value: /var/log/containers/*.log
    - name: Exclude_Path
      value: /var/log/containers/jackfruit810*.log
    - name: Parser
      value: docker

这里的jackfruit810就是我的deloyment

huanggze
好的，我再看看fluentbit-operator

huanggze

https://github.com/kubesphere/fluentbit-operator/blob/master/docs/plugins/filter/kubernetes.md

kubeURL	API Server end-point	string
kubeCAFile	CA certificate file	string
kubeCAPath	Absolute path to scan for certificate files	string
kubeTokenFile	Token file	string
kubeTagPrefix	When the source records comes from Tail input plugin, this option allows to specify what's the prefix used in Tail configuration.	string
mergeLog	When enabled, it checks if the log field content is a JSON string map, if so, it append the map fields as part of the log structure.	*bool
mergeLogKey	When Merge_Log is enabled, the filter tries to assume the log field from the incoming message is a JSON string message and make a structured representation of it at the same level of the log field in the map. Now if Merge_Log_Key is set (a string name), all the new structured fields taken from the original log content are inserted under the new key.	string
mergeLogTrim	When Merge_Log is enabled, trim (remove possible \n or \r) field values.	*bool
mergeParser	Optional parser name to specify how to parse the data contained in the log key. Recommended use is for developers or testing only.	string
keepLog	When Keep_Log is disabled, the log field is removed from the incoming message once it has been successfully merged (Merge_Log must be enabled as well).	*bool
tlsDebug	Debug level between 0 (nothing) and 4 (every detail).	*int32
tlsVerify	When enabled, turns on certificate validation when connecting to the Kubernetes API server.	*bool
useJournal	When enabled, the filter reads logs coming in Journald format.	*bool
regexParser	Set an alternative Parser to process record Tag and extract pod_name, namespace_name, container_name and docker_id. The parser must be registered in a parsers file (refer to parser filter-kube-test as an example).	string
k8sLoggingParser	Allow Kubernetes Pods to suggest a pre-defined Parser (read more about it in Kubernetes Annotations section)	*bool
k8sLoggingExclude	Allow Kubernetes Pods to exclude their logs from the log processor (read more about it in Kubernetes Annotations section).        *bool

https://github.com/kubesphere/fluentbit-operator/blob/master/manifests/logging-stack/filter-kubernetes.yaml

  - kubernetes:
      kubeURL: https://kubernetes.default.svc:443
      kubeCAFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
      kubeTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
      labels: false
      annotations: false

“Kubernetes filter 插件开启 K8S-Logging.Exclude”,我找到以上两个文档，是不是修改filter-kubernetes.yaml，添加k8sLoggingExclude: true后,直接apply就可以了？

huanggze
我的理解Kubernetes filter，都是input采集完了，通过filter处理才决定丢弃，不如一开始就在input-tail里面排除掉，这样节约点计算资源。不知道对不对？
https://github.com/kubesphere/fluentbit-operator/blob/master/manifests/logging-stack/input-tail.yaml