What is everyone using for their logging solution? So far I’ve not really done anything and just tail the container log when something is going wrong but a more long term, robust log aggregator would be great.
At work I’ve used things like data dog and sumo logic for logs and would love a small self hosted version of that. I don’t think I need long log retention (more than a day or two) but retention + search and maybe the option to create custom aggregations based on those logs would be awesome.
I use Promtail+Loki+Grafana on my home server, which is decently performant, light on resources and storage, and searchable. It takes a little effort to learn the LogQL query language, but it’s very expressive.
I’m running it on Kubernetes, but it should be pretty straightforward to configure for running on plain Docker.
I have been really getting into logQL, but via the query builder in grafana, and only the basics. It is nice and easy when searching for particular words, or excluding them. A bit like grep
Yes indeed, and the ability to parse JSON messages and further filter the results is quite powerful.
At work we use the syslog log driver for docker. Essentially any container stdout gets pushed in to the system syslog that then gets ingested into splunk through one of their forwarders. We needed more than just container logs so that’s the reason for that. For a home setup I’d probably do the same but use the ELK stack instead of splunk.
deleted by creator
Though not particularly a logging solution, lazydocker has made docker administration a lot easier for me.
Thanks for mentioning!
Also not really a solution but Dozzle has been awesome for making viewing live container logs easier
Lol as bad as it is, just reading what’s output to stdout. Worst case, tailing it via a terminal. I do want/need to actually implement a proper solution at some point, but I haven’t actually pulled the trigger on beginning the hunt for a solution yet.
Not sure if it answers your question, but I use Portainer to check the different docker containers I am running. It does not allow me to check the ‘docker-runtime’ logs themselves though, only the logfiles of each of the running containers. It also allows easy term connection if you want, although I usually do that directly form the terminal itself.
Yeah I think that would give me essentially the same access that I have now but through a GUI. I’m hoping for something that will cram my logs into a data store of some sort and present them on a GUI with search, filter, aggregations, etc…
deleted by creator
Syslog-ng to loghost