Back to top



Logging in Kyma uses Logspout and OK Log. Logspout is a log router for Docker containers that runs inside Docker. It attaches to each container on a host and routes their logs to a Log Management System. OK Log is a distributed coordination-free log management system. It is a lightweight solution which is not only easy to understand but also easy to operate.


This document outlines the logging architecture of Kyma. It highlights information sources from which Logspout extracts logs to feed to OK Log.

Logspout is deployed as a stateless Daemonset and shares /var/run/docker.sock from the node. It then feeds the logs to OK Log through the ingest API.

OK Log is deployed as a Statefulset. It is capable for storing the logs for 7 days, which is a configurable property. Read more on OK Log architectural decisions here.

Access OK Log

To access the OK Log UI, follow these steps:

  1. Run the following command to configure port forwarding:
kubectl port-forward -n kyma-system svc/logging-oklog 7650:7650
  1. Access the OK Log UI at http://localhost:7650/ui.

  2. Use a plaintext or regular expression to pull up logs from OK Log. For example,