Overview As a light-weight, efficient replacement for fluentd, fluent-bit met almost all the requirements for lifting Kubernetes logs, transforming them to Splunk HEC format and forwarding them to a Splunk HEC instance. This solution gives us, Resource efficiency No further processing before index storage required by Splunk Self-service index routing and sourcetype specification via Pod labels At this point, fluent-bit is missing two key pieces required to complete the transformation to HEC format.