Today, at Ignite we are happy to announce the General availability of Syslog collection from AKS nodes using Container Insights. Since our private preview announcement in March, hundreds of customers have enabled syslog collection on thousands of AKS clusters. We thank you for trying out the preview and providing feedback.
IMPORTANT NOTE: Due to slower rollouts towards the year end, the agent version with the GA changes will not be in all regions until January 2024. Agent versions 3.1.16 and above have Syslog GA changes. Please check agent version before enabling in production.
Syslog enables customers to collect logs from Linux-based Kubernetes hosts. This enables customers to monitor kernel issues, troubleshoot host performance, and check for security events. Customers can use syslog with signals in Azure Monitor to perform improved troubleshooting. Additionally, syslog data can be sent to Microsoft Sentinel for security monitoring.
With this GA release of Syslog collection, Container Insights customer have a comprehensive Syslog experience:
- Enable Syslog collection on AKS clusters
- With one-click from the Portal
- At scale using commands line tools: Azure CLI, ARM templates, Bicep, Terraform
- View Syslog events
- using the built-in Azure Workbook
- using the out of box dashboard in Azure managed Grafana
- Dive deeper using Syslog queries in Log Analytics
- Send data to Microsoft Sentinel for security monitoring
Read more about these capabilities in our documentation here: https://aka.ms/CISyslog
Please share any feedback using this form https://forms.office.com/r/BBvCjjDLTS