How to check pod logs in Kubernetes

Kubernetes, the popular container orchestration platform, empowers organizations to deploy, scale, and manage containerized applications. Monitoring and troubleshooting are crucial aspects of maintaining a healthy Kubernetes cluster. One of the essential tools for diagnosing issues and gaining insights into the system’s behavior is log analysis. In this blog, we will see how to check pod logs in Kubernetes, exploring different methods and tools available for effective log management.

Understanding Kubernetes Logging Architecture

Kubernetes adopts a centralized logging approach, where containerized applications generate logs that are collected and stored in a centralized location. Each pod, the smallest deployable unit in Kubernetes, typically consists of one or more containers, and each container generates its own set of logs.

Logs are often stored on the node where the pod is running. Kubernetes supports various log storage backends, and administrators can choose from solutions like Elasticsearch, Fluentd, and others to aggregate and store logs for analysis.

Checking Logs Locally

  1. kubectl logs
    The most straightforward method to check logs is using the kubectl logs command. This command allows you to view the logs of a specific pod or container within a pod. For example:
   kubectl logs <pod_name>
  1. Specific Container Logs:
    If a pod has multiple containers, you can specify the container name to view logs for a particular container:
   kubectl logs <pod_name> -c <container_name>

Checking Logs Remotely:

  1. Accessing Logs from Cluster Nodes
    Sometimes, it’s necessary to check logs directly on the nodes. You can find container logs in the /var/log/pods directory on the node corresponding to the pod’s namespace and UID.
  2. kubectl cp
    Use the kubectl cp command to copy logs from a pod to a local machine:
   kubectl cp <namespace>/<pod_name>:/path/to/logfile.log .

How to use kubectl logs --tailcommand

The kubectl logs --tail command is used in Kubernetes to retrieve and display the logs of a specific pod. The --tail flag allows you to specify the number of lines from the end of the log to display. This is useful for quickly checking the most recent entries in the logs.

Here’s an explanation of the kubectl logs --tail last 100 command:

  • kubectl: The command-line tool for interacting with Kubernetes clusters.
  • logs: Subcommand used to retrieve logs from one or more containers.
  • --tail: Flag that specifies the number of lines from the end of the log to show.
  • last: Indicates that you want to display the last N lines of the logs.
  • 100: The number of lines to display. In this case, it’s set to 100.

For example, if you want to see the last 100 lines of logs for a pod named “my-pod,” you would run:

kubectl logs --tail 100 my-pod

This command would output the last 100 lines of logs from the specified pod. Adjusting the value after --tail allows you to control the number of lines you retrieve. It’s a convenient way to get a quick overview of recent log entries, especially when troubleshooting issues or monitoring the behavior of a containerized application within a Kubernetes pod.

Logging with Monitoring and Aggregation Tools:

  1. Fluentd and Elasticsearch:
    Deploying Fluentd as a log collector and Elasticsearch as a storage backend is a popular choice. Fluentd collects logs from containers and sends them to Elasticsearch for indexing and querying.
  2. Prometheus and Grafana:
    For monitoring and logging, Prometheus is commonly used in conjunction with Grafana. Prometheus scrapes metrics, and Grafana provides a graphical interface for querying and visualizing data.
  3. Logging Operators:
    Logging operators like EFK (Elasticsearch, Fluentd, Kibana) and Loki offer integrated solutions for log management within Kubernetes clusters.


Effectively managing logs in a Kubernetes environment is essential for troubleshooting issues, monitoring application health, and ensuring the overall stability of the cluster. Whether you choose to use native kubectl commands or leverage external log aggregation solutions, understanding how to access and analyze logs is a key skill for Kubernetes administrators and developers alike. As your Kubernetes deployment scales, investing in robust logging solutions will become increasingly important to maintain visibility and control over your containerized applications.

That’s all about How to check pod logs in Kubernetes.