Preparing to collect logs by enabling BMC Helix logging

As a system administrator, you deploy BMC Helix Logging to collect logs. BMC Helix Logging uses Elasticsearch, Fluent Bit, and Kibana (EFK) to collect, store, and view your log data.


Related topics

Troubleshooting-EFK-logging-issues

Working-with-logs

Before you begin

  • Make sure that you have created a namespace.
    For more information, see Creating-a-namespace-for-deploying-BMC-Helix-IT-Operations-Management     .

  • Make sure that the following ports are available for Elasticsearch and Kibana services: 

    Important

    The traffic to Kibana ports is routed from the Load balancer on port 443 to the Ingress controller. As the Ingress controller decides the internal routing of the traffic, the Kibana ports should be open in the Kubernetes cluster.

To prepare to collect logs by enabling BMC Helix Logging

  1. In the helix-on-prem-deployment-manager-<release_version>/ configs /deployment.config file, change the value of the BMC_HELIX_LOGGING parameter to yes:
    BMC_HELIX_LOGGING=yes

    Important

    If the value of the BMC_HELIX_LOGGING parameter is no, the BMC Helix IT Operations Management supportability is limited, and the root cause analysis of an issue might not be possible.

  2. Run the following command to get the Kibana configmap: 

    kubectl -n <namespace> get cm | grep efk-elasticsearch-kibana-conf
  3. In the helix-on-prem-deployment-manager/configs/bmc-helix-logging.config file, set the value of the ESKIBANA_SERVER_HOST parameter:
    • To use IPv4, set the value of ESKIBANA_SERVER_HOST as "0.0.0.0"
      ESKIBANA_SERVER_HOST="0.0.0.0" 
    • To use IPv6, set the value of ESKIBANA_SERVER_HOST as "::"
      ESKIBANA_SERVER_HOST="::"
  4. If you are using a Kubernetes cluster, perform the following steps:
    1. Create PodSecurityPolicy (PSP) for EFK. You must have cluster-admin privileges to create a PSP.
    2. Open the efk-fluent-bit-psp.yaml file. Enter the namespace that you created. 
      The efk-fluent-bit-psp.yaml file is located at helix-on-prem-deployment-manager/bmc-helix-logging/efk/fluent-bit/efk-fluent-bit-psp.yaml.
      You can also download it from efk-fluent-bit-psp.yaml.

    3. Run the following command to apply the changes: 

      kubectl apply -f efk-fluent-bit-psp.yaml

      Role and RoleBinding are created automatically.

  5. If you are using OpenShift cluster, perform the following steps:
    1. Create Security Context Constraints (SCC) for EFK. You must have cluster-admin privileges to create an SCC.
    2. Open the efk-fluent-bit-scc.yaml file. Enter the namespace that you created.. 
      The efk-fluent-bit-scc.yaml file is located at helix-on-prem-deployment-manager/bmc-helix-logging/efk/fluent-bit/efk-fluent-bit-scc.yaml.
      You can also download it from efk-fluent-bit-scc.yaml

    3. Run the following command to apply your changes: 

      oc apply -f efk-fluent-bit-scc.yaml

    4. Run the following command to apply SCC on Fluent Bit service account:

      oc adm policy add-scc-to-user efk-fluent-bit system:serviceaccounts:<namespace>:efk-fluent-bit
    5. Create the Role and RoleBinding by using the efk-fluent-bit-role_rolebinding.yaml:
      1. Open the efk-fluent-bit-role_rolebinding.yaml file. Enter the namespace that you created.

      2. Run the following commands to apply your changes: 

        oc apply -f efk-fluent-bit-role_rolebinding.yaml

        oc adm policy add-scc-to-user efk-fluent-bit system:serviceaccounts:<namespace>:efk-fluent-bit
  6. (Optional) View logs on the Kibana user interface. 
    1. From the config/infra.config file, obtain the URL to access the Kibana UI. 
      For example: https://kibana.apexglobal.bmc.com
    2. On the Kibana login screen:
      1. Enter elastic as the default user name.
      2. Enter the Kibana password that is added in the commons/certs/secrets.txt file.
      3. Click Log In .


 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*