How to Forward Logs to Managed OpenSearch Database

DigitalOcean Kubernetes (DOKS) is a managed Kubernetes service. Deploy Kubernetes clusters with a fully managed control plane, high availability, autoscaling, and native integration with DigitalOcean Load Balancers and volumes. You can add node pools using shared and dedicated CPUs, and NVIDIA H100 GPUs in a single GPU or 8 GPU configuration. DOKS clusters are compatible with standard Kubernetes toolchains and the DigitalOcean API and CLI.


You can forward cluster event logs to a DigitalOcean Managed OpenSearch Cluster. Event logs record events of Kubernetes clusters and are useful for debugging and understanding what happened to various Kubernetes objects. You can search, index, and retain the logs in the DigitalOcean Managed OpenSearch cluster.

Forwarding logs does not count towards the cluster’s bandwidth usage.

Note
Log forwarding does not support sending logs to managed OpenSearch clusters with trusted sources enabled. To send logs to a managed OpenSearch cluster, disable trusted sources.

To configure log forwarding, go to the Kubernetes section of the control panel, select the cluster, and click the Settings tab. In the Event log forwarding section, click Edit.

OpenSearch log forwarding

If you do not have an existing managed OpenSearch cluster, click Create a database to open the Create Managed Database screen. Choose a datacenter region, specify OpenSearch as the database engine, and other cluster settings as described in Create OpenSearch Clusters.

After you create the managed OpenSearch cluster or want to select an existing cluster, click Managed OpenSearch to open the Forward logs to Managed OpenSearch window. Specify the following values:

  • Destination name: Name for the destination. Provide a descriptive name for the destination.

  • Select DigitalOcean OpenSearch database: OpenSearch cluster to forward logs to. Select the cluster from the dropdown list.

  • User: The username you use to access the cluster. Use the default doadmin user or select another user from the dropdown list.

  • Index name: The name of the OpenSearch index to forward the logs to. Specify a lowercase index name or use the default value of logs. Indexes with uppercase characters in their names may not appear in the dashboard. For more information on indexes, see OpenSearch’s documentation.

Log forwarding window

Click Add destination to add the managed OpenSearch cluster as a log forwarding destination.

OS cluster added

If you want to change the destination, click the menu and select Edit destination to open the Edit Managed OpenSearch destination window. Update the settings you want and click Save Destination.

To remove the log forwarding destination, click the menu and select Remove. Then, click Remove destination to confirm removing the destination.