Fetching Azure Kubernetes Service (AKS) Events from Azure Log Analytics Workspace

In this article, I will walk through how to fetch the Kubernetes container events from Azure Log Analytics.

Assumption:

The Azure Kubernetes Service is already set with the Log Analytics workspace.

Background: In current project the microservice application deployed in AKS pod had high restart count.

Information: Usually if we setup and install, the Kuberentes in local, we can list the events of the container using

kubectl get events

In Azure AKS containers the events are shipped to the Log Analytics Workspace.

Viewing the Container events

From portal, navigate to Log Analytics Workspace and select configured workspace.
From the Queries listed, select the Containers option, pick the Kubernetes Events and click the run button
Once the Query editor is opened up, include the query below and the result provides the list of events over time.

// Kubernetes events 
// Lists all the Kubernetes events. 
KubeEvents
| where TimeGenerated > ago(2d) 
| where not(isempty(Namespace))
| where Namespace  contains "namespace-of-aks-to-fetch-event"
| where Name contains "pod-name"  //pod or deployment name 
| top 200 by TimeGenerated desc

The query can be tweaked per requirement.

Fetching Azure Kubernetes Service (AKS) Events from Azure Log Analytics Workspace

Comments

More from this blog

VS Code configured with ollama LLM Model in Chat session running in local

RAG system in Spring AI and Langflow using Qdrant Vector Storage

Apache Kafka with Apicurio Schema registry

Download container extract the multi-image tar.gz file and load to artifactory

Docker nexus registry backed with SSL and using image in kind cluster

Command Palette

Comments

More from this blog