Logs
KubeSense FireLens Log Router Setup
KubeSense provides a custom Firelens log router image that collects logs from your application containers and ships them to KubeSense. The solution supports both single shipping (KubeSense only) and dual shipping (KubeSense + CloudWatch).
What This Provides
- Centralized log collection for ECS Serverless workloads
- Single shipping → KubeSense only
- Dual shipping → KubeSense + CloudWatch simultaneously
- Multiline log handling (stack traces, large logs)
- ECS metadata enrichment
- No agent installation on host
- No code changes in application
Architecture
Application Container
│
│ (stdout / stderr)
▼
FireLens (Fluent Bit)
│
├──▶ KubeSense HTTP Endpoint
└──▶ CloudWatch Logs (optional)Step 1: Add Log Router as Sidecar
Add the KubeSense log-router container to your ECS task definition. Choose single or dual shipping configuration below.
Single Shipping (KubeSense Only)
{
"name": "log-router",
"image": "public.ecr.aws/p8w3i6u3/kubesense/log-router:latest",
"essential": true,
"firelensConfiguration": {
"type": "fluentbit",
"options": {
"config-file-type": "file",
"config-file-value": "/logDestinations.http.conf",
"enable-ecs-log-metadata": "true"
}
},
"environment": [
{ "name": "KUBESENSE_SERVICE", "value": "<SERVICE_NAME>" },
{ "name": "KUBESENSE_CLUSTER", "value": "<YOUR_CLUSTER_NAME>" },
{ "name": "KUBESENSE_HOST", "value": "<KUBESENSE_ENDPOINT>" },
{ "name": "KUBESENSE_PORT", "value": "<KUBESENSE_PORT>" },
{ "name": "KUBESENSE_URI", "value": "<KUBESENSE_URI>" },
{ "name": "KUBESENSE_TLS", "value": "<KUBESENSE_TLS>" }
]
}Dual Shipping (KubeSense + CloudWatch)
{
"name": "log-router",
"image": "public.ecr.aws/p8w3i6u3/kubesense/log-router:latest",
"essential": true,
"firelensConfiguration": {
"type": "fluentbit",
"options": {
"config-file-type": "file",
"config-file-value": "/logDestinations.http+cloudwatch.conf",
"enable-ecs-log-metadata": "true"
}
},
"environment": [
{ "name": "KUBESENSE_SERVICE", "value": "<SERVICE_NAME>" },
{ "name": "KUBESENSE_CLUSTER", "value": "<YOUR_CLUSTER_NAME>" },
{ "name": "KUBESENSE_HOST", "value": "<KUBESENSE_ENDPOINT>" },
{ "name": "KUBESENSE_PORT", "value": "<KUBESENSE_PORT>" },
{ "name": "KUBESENSE_URI", "value": "<KUBESENSE_URI>" },
{ "name": "KUBESENSE_TLS", "value": "<KUBESENSE_TLS>" },
{ "name": "AWS_REGION", "value": "<AWS_REGION>" },
{ "name": "CW_LOG_GROUP", "value": "<LOG_GROUP_NAME>" },
{ "name": "CW_STREAM_PREFIX", "value": "<STREAM_PREFIX>" }
]
}Placeholder Values
All placeholder values are provided by KubeSense platform:
<SERVICE_NAME>- Your service/application name<YOUR_CLUSTER_NAME>- Your ECS cluster identifier<KUBESENSE_ENDPOINT>- KubeSense log endpoint hostname<KUBESENSE_PORT>- KubeSense log endpoint port<KUBESENSE_URI>- Log endpoint URI path<KUBESENSE_TLS>- TLS setting (On/Off)<AWS_REGION>- AWS region (dual shipping only)<LOG_GROUP_NAME>- CloudWatch log group name (dual shipping only)<STREAM_PREFIX>- CloudWatch log stream prefix (dual shipping only)
Step 2: Configure Application Containers for Log Routing
Update your application container to use the Firelens log driver:
"logConfiguration": {
"logDriver": "awsfirelens"
}