Good morning everyone, hope you are enjoying this ...
# kolide
Good morning everyone, hope you are enjoying this beautiful Friday! I have a Kolide Fleet stack running on AWS on an ECS. The server is configured to send log results to a Firehose Kinesis. I want to disable the Firehose plugin and drop the Firehose stack (trying to drop any result logging output from the server). I wonder if we drop the Firehose service on AWS, does the Fleet server will store/cache the results if the Firehose does not exists? I don’t want to store neither cache anything, just disable log results publishing from the server. Or maybe, what would be the right flag/plugin to set in order to disable any log being published from the Fleet server?
iirc, if you don't configure a logger, it'll default to
in this case would be whatever you configured your ECS containers to log to (Cloudwatch Logs, most typically).
Question would be then, can I change this flag without having to redeploy the entire server stack, mean on runtime?
like by using
or something?
this is fine
So going back to my original question, if Fleet cant find/connect to the Firehose stream specified, where are all the logs going?
I know there is an env var called
. Changing that env var would be enough?
If Fleet can’t connect to the firehose plugin, it would just error and not log anything
git push 1
The result plugin can be specified in the configuration file, env vars, or CLI flags. You can’t (or at least shouldn’t) set any of these options in more than one way
Amazing! Thanks for your help!!