I'm new to both Docker and Graylog. Can anyone show me an example of how to send log data to the Graylog server?
Asked
Active
Viewed 1.7k times
5
Matthias Braun
- 32,039
- 22
- 142
- 171
Shamik Mukherjee
- 51
- 1
- 1
- 3
-
What kind of logs (from which kind of applications or devices) do you want to collect? – joschi Aug 03 '16 at 15:10
3 Answers
10
Actually, it is pretty easy! Graylog's preferred Log Format - GELF - is supported by Docker natively. So if you are using Docker logs already (Docker's internal logging functionality) you can just use Docker's built-in support, that will forward all logs from your container to the specified GELF endpoint. You will have to create a GELF UDP input on the Graylog server.
https://docs.docker.com/engine/admin/logging/overview/
For running a container from command line that sends all logs to Graylog via GELF just use the options log-driver and gelf-address:
docker run -dit \
--log-driver=gelf \
--log-opt gelf-address=udp://192.168.0.42:12201 \
alpine sh
Matthias Braun
- 32,039
- 22
- 142
- 171
Paul Weber
- 6,518
- 3
- 43
- 52
-
2You should consider these issues when using the gelf driver in production: https://blog.docker.com/2017/02/adventures-in-gelf/ – Matthias M Jul 29 '18 at 12:43
-
I couldn't send exceptions that when starting container it gets, to Graylog. Do I have to use udp ? I am using tcp input. – muhammed ozbilici Mar 05 '20 at 13:58
3
If Graylog exposes a syslog listener you could send them with Docker syslog logging driver. But since you say you are new to Graylog, have a look at https://github.com/sematext/sematext-agent-docker which should work for you with minimal effort and will be able to also capture Docker metrics and events, not just logs, which is handy.
user3148164
- 113
- 5
0
Hi you can use log collectors for send logs and traffic to graylog stack Elastic, beats Fluentd, Syslog TCP/udp GELF and ets
Jamal Mahmoudi
- 9
- 3