Splunk Indexing based on kubernetes namespace's

[manikrishna558]

Is your feature request related to a problem? Please describe.

Below is my configuration of fluentd which collect logs from kubernetes and sends to splunk based on namespace. when ever a new namespace is created in K8s we write a manual match condition . the list goes on whenever a new namespace is added.

<match **namespace_abc**>
  @type splunk_hec
  source "namespace_abc"
  sourcetype_key streaming_data
   index {{ .Values.fluentd.splunk.name| quote }}
</match>

<match namespace_xyz>
@type splunk_hec
source "namespace_abc"
sourcetype_key streaming_data
index {{ .Values.fluentd.splunk.name| quote }}

Describe the solution you'd like

How do I avoid multiple manual match entry for different namespaces each time a new namespace is being added ?
how to get namespace/pod/etc K8s information in FluentD so that I can automate it instead of matching the case manually .

Describe alternatives you've considered

so far the alternative we planned is to get the namespace lable and pass it to match statement so that we can avoid multiple match statments
<match ${NAMESPACE_VALUE_K8S}>
@type splunk_hec
source "${NAMESPACE_VALUE_K8S}"
sourcetype_key streaming_data
index {{ .Values.fluentd.splunk.name| quote }}

Additional context

No response