Unable to View Username Information in Fluent Bit Logs for OIDC External Identity Provider Despite Forwarding Pinniped Logs

Article ID: 420890

Updated On:

Products

VMware vSphere Kubernetes Service

Issue/Introduction

Username information is not visible in Fluent Bit logs for an OIDC external identity provider.

Reference: Forwarding Supervisor Logs to External Monitoring Systems

The issue persists after following the steps below:

1. Add the following to the inputs-custom.conf file:

[INPUT]
 Name              tail
 Tag               pinniped.*
 Path              /var/log/containers/pinniped-concierge*.log
 DB                /var/log/vmware/fluentbit/flb_pinniped-concierge.db
 Skip_Long_Lines   Off
 Refresh_Interval  10

2. Reference: Supervisor and Concierge Audit Logging

By default, usernames and group names are not included in the audit events.

The parameter below was added and the Pinniped deployment was restarted, but the issue still persisted.

apiVersion: v1
kind: ConfigMap
metadata: # ...
data:
  pinniped.yaml: |
    # ...other settings
    audit:
      # This setting is available in both the Supervisor and Concierge ConfigMaps.
      # When enabled, usernames and group names determined during end-user auth
      # will be audit logged.
      logUsernamesAndGroups: enabled

Environment

vSphere vCenter 8.x

vSphere Supervisor 8.0

VMware vSphere Kubernetes Service

Cause

Reference: Release v0.36.0 · vmware/pinniped · GitHub

Audit logging with username information was introduced in Pinniped version 0.36.0, which was released in December 2024.
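
To confirm this cause on a given cluster, compare the Pinniped version in the running concierge image tag against 0.36.0. The script below is an added example, not from the original article or from VMware; the image references, the tag format and the function names are assumptions.

```shell
#!/bin/sh
# Added example. Image references below are constructed samples; on a cluster,
# read the real one with (deployment and namespace are placeholders):
#   kubectl get deployment <concierge-deployment> -n <namespace> \
#     -o jsonpath='{.spec.template.spec.containers[*].image}'

MIN_PINNIPED_VERSION="0.36.0"   # first release with username audit logging

# Print MAJOR.MINOR.PATCH parsed from an image tag; return 1 if there is none.
pinniped_version_from_image() {
  _ref=${1%%@*}            # drop an "@sha256:..." digest, if present
  _tag=${_ref##*/}         # last path component, "name:tag"
  case $_tag in
    *:*) _tag=${_tag##*:} ;;
    *)   return 1 ;;       # untagged or digest-only reference
  esac
  _ver=$(printf '%s\n' "$_tag" |
    sed -n 's/^v\{0,1\}\([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*/\1/p')
  [ -n "$_ver" ] || return 1
  printf '%s\n' "$_ver"
}

# Numeric, field-by-field comparison: succeed when $1 >= $2.
version_ge() {
  awk -v a="$1" -v b="$2" 'BEGIN {
    split(a, x, "."); split(b, y, ".")
    for (i = 1; i <= 3; i++) {
      if (x[i] + 0 > y[i] + 0) exit 0
      if (x[i] + 0 < y[i] + 0) exit 1
    }
    exit 0
  }'
}

# 0: logUsernamesAndGroups can take effect; 1: build too old; 2: version unknown.
username_audit_supported() {
  _v=$(pinniped_version_from_image "$1") || return 2
  version_ge "$_v" "$MIN_PINNIPED_VERSION"
}

for img in registry.example/pinniped:v0.25.0_build.1 \
           registry.example/pinniped:v0.41.2 \
           registry.example/pinniped@sha256:0000; do
  rc=0; username_audit_supported "$img" || rc=$?
  case $rc in
    0) echo "$img: usernames can appear in audit logs once the setting is enabled" ;;
    1) echo "$img: older than $MIN_PINNIPED_VERSION, username audit logging is not available" ;;
    *) echo "$img: version not in tag, check the release notes for this build" ;;
  esac
done
```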

Resolution

Pinniped will be updated in a future vCenter release, in which the Supervisor will include Pinniped version 0.41.x.

At present, there is no released Supervisor build that includes Pinniped version 0.36.

Additional Information

Related issue: Unable to authenticate to the vSphere Supervisor with ADFS. "Bad Gateway: error exchanging and validating upstream tokens"