What is everyone using for their logging solution? So far I’ve not really done anything and just tail the container log when something is going wrong but a more long term, robust log aggregator would be great.

At work I’ve used things like data dog and sumo logic for logs and would love a small self hosted version of that. I don’t think I need long log retention (more than a day or two) but retention + search and maybe the option to create custom aggregations based on those logs would be awesome.

  • FrederikNJS@lemm.ee
    link
    fedilink
    English
    arrow-up
    11
    ·
    1 year ago

    I use Promtail+Loki+Grafana on my home server, which is decently performant, light on resources and storage, and searchable. It takes a little effort to learn the LogQL query language, but it’s very expressive.

    I’m running it on Kubernetes, but it should be pretty straightforward to configure for running on plain Docker.

    • palitu@lemmy.perthchat.org
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      I have been really getting into logQL, but via the query builder in grafana, and only the basics. It is nice and easy when searching for particular words, or excluding them. A bit like grep

      • FrederikNJS@lemm.ee
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        Yes indeed, and the ability to parse JSON messages and further filter the results is quite powerful.

  • lostinasea@lemmy.world
    link
    fedilink
    English
    arrow-up
    10
    ·
    1 year ago

    At work we use the syslog log driver for docker. Essentially any container stdout gets pushed in to the system syslog that then gets ingested into splunk through one of their forwarders. We needed more than just container logs so that’s the reason for that. For a home setup I’d probably do the same but use the ELK stack instead of splunk.

  • Dianoga@lemm.ee
    link
    fedilink
    English
    arrow-up
    5
    ·
    1 year ago

    Also not really a solution but Dozzle has been awesome for making viewing live container logs easier

  • eroc1990@lemmy.parastor.net
    link
    fedilink
    English
    arrow-up
    5
    arrow-down
    1
    ·
    1 year ago

    Lol as bad as it is, just reading what’s output to stdout. Worst case, tailing it via a terminal. I do want/need to actually implement a proper solution at some point, but I haven’t actually pulled the trigger on beginning the hunt for a solution yet.

  • faethon@lemmy.world
    link
    fedilink
    English
    arrow-up
    2
    ·
    edit-2
    1 year ago

    Not sure if it answers your question, but I use Portainer to check the different docker containers I am running. It does not allow me to check the ‘docker-runtime’ logs themselves though, only the logfiles of each of the running containers. It also allows easy term connection if you want, although I usually do that directly form the terminal itself.

    • RadiumOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Yeah I think that would give me essentially the same access that I have now but through a GUI. I’m hoping for something that will cram my logs into a data store of some sort and present them on a GUI with search, filter, aggregations, etc…