4.1.1.1 Ensure correct container image is set for stackdriver logging agent

Information

stackdriver-logging service runs stackdriver container image to export logs to Cloud Logging.

Note: This recommendation is not applicable for COS images using Fluent-bit as it isn't containerized.

If the logging agent is not set correctly, the logs cannot be exported to Cloud Logging.

Solution

Edit the LOGGING_AGENT_DOCKER_IMAGE variable in the /etc/stackdriver/env_vars file to set the correct logging agent.

Run the following command to restart stackdriver-logging service :

# systemctl restart stackdriver-logging

/etc is stateless on Container-Optimized OS. Therefore, /etc cannot be used to make these changes persistent across reboots. The steps mentioned above needs to be performed after every boot.

See Also

https://workbench.cisecurity.org/benchmarks/12218