I am trying to set up the EFK stack on the AWS EKS cluster. I have deployed the EFK pods/services enter image description here the index being created on elasticsearch is in the format logstash-2024.02.16, just wondering if I could dynamically create indices on elasticsearch for each microservice (along with the namespace) for specific namespace and segregate rest of the logs should be under the same index just like it is pushing right now, logs are being pushed from fluentd on the EKS cluster.
Yamls I used for setting up EFK stack https://github.com/ashokitschool/kubernetes_manifest_yml_files/tree/main/04-EFK-Log
I tried adding index_name ${record["kubernetes"]["labels"]["app"]} in the output.conf: |- section, but didn't work.