Це відео не доступне.
Перепрошуємо.
Meet Grafana LOKI, a Log Aggregation System for EVERYTHING
Вставка
- Опубліковано 12 сер 2024
- I've been on a quest to find a new logging system. I've use quite a few in the past, some open source, some proprietary, and some home grown, but recently I've decided to switch. I've switched to Grafana Loki for all of my logs for all of my systems - this includes machines, devices, docker systems and hosts, and my all of my Kubernetes clusters. If you're thinking of using Grafana and are also looking for a fast way to log all of your systems, join me as we discuss and configure Grafana Loki.
Video Notes: technotim.live/posts/grafana-...
Don't want to host it yourself? Check out Grafana Cloud and sign up for a free account l.technotim.live/grafana-labs
Support me on Patreon: / technotim
Sponsor me on GitHub: github.com/sponsors/timothyst...
Subscribe on Twitch: / technotim
Become a UA-cam member: / @technotim
Merch Shop 🛍️: l.technotim.live/shop
Gear Recommendations: l.technotim.live/gear
Get Help in Our Discord Community: l.technotim.live/discord
2nd channel: / @technotimtalks
(Affiliate links may be included in this description. I may receive a small commission at no cost to you.)
00:00 - Intro
00:59 - How does Gafana Loki work?
01:39 - What are we going to configure today?
02:41 - What are the requirements?
02:58 - Docker Compose Grafana Loki config
07:48 - Loki Config
08:35 - Promtail Config
10:12 - Start our Loki Stack
10:49 - How to check if it's working
11:29 - Logging in to Grafana
11:55 - Add Loki data source to Grafana
12:30 - Querying Logs with Grafana and Loki
15:03 - Configuring Promtail for Docker container logs to Loki
16:50 - Adding the Grafana Loki Docker driver
17:37 - Configuring the Docker daemon.json
19:36 - Recreating Docker containers after applying
20:37 - Querying Grafana Loki by Docker container labels and streams
23:07 - Setting up Grafana to be a syslog receiver / endpoint
24:44 - Setting up a kubernetes cluster with Promtail, Grafana, and Loki
27:13 - Grafana Loki Dashboards
27:35 - Which logging system do you use?
27:51 - Stream Highlight - "You guys are going to blow up my Raspberry Pi""
#Grafana #Loki #TechnoTim
"Violet Haze" is from Harris Heller's album Bounce.
l.technotim.live/sb-music-lic...
Thank you for watching!
OK, nerd talk: What's your favorite logging system? (would this ever come up in a normal conversation???)
LibreNMS
For prod systems I really love Splunk
I've tried graylog, elk, datadog, cloud watch and a few others. Most are overkill, some are crazy expensive and none are perfect (or even great) Loki was on the 'check out at some point' list
ELK (elasticsearch, logstash, kibana)
@@VoislavVasiljevski ELK is definitely on the "one of the best" list. It's only down side is, it's resource intensive.
These guides are insane. No one goes to the detail that you do. You explain why and how commands and config files work rather that just reading them. Love your channel!
"Make sure you're in a directory... I dont know where else you'd be..." Made me laugh so hard xD
haha! I was going to re-record that part but I was like "just roll with it"
@@TechnoTim best decision
Root?
I've watched so many deployment videos trying to get a better all around understanding on all the NMS out there, what they can do, how they operate under the hood, etc. This by far is the absolute best I have seen and definitely earned you a sub. Most deployment videos tend to be quite dry, very un-explainative, and usually feel like a 'just do this real quick and it works' video. Thank you!!!
Excellent! I am a long time user of Grafana and do a lot with it, but now the job is to manage the logs: here we are! Loki is the tool we want to deploy. Thanks a lot for your video, brillant, will be very helpful!
5 min in and I can already tell your my new favorite tech guide guy. The detail is really welcome!
Yo bro, I like your video and the way explained every single bit and steps are just beyond awesome. Thanks for this quality content. God bless you my friend.
I was waiting for this video. Very well explained as always, thanks Tim !
To take a quick glance at my docker logs, i like to use Dozzle, a very small and straight to the point tool, but it does the job
Thank you! Glad you liked it!
Thanks! This was informative! It's worth mentioning that Promtail is not required if you are setting Loki as the Docker daemon default logging driver
This is great and timely! Awesome vid! You make logging look fun! Gonna try it out right now!
Thank you! Let us know how it goes!
Thanks man! This is just so much easier and less troublesome then configuring a proper ELK stack.
Glad it helped!
Just found your channel. I freaking LOVE these deep dives. Thank you so much for your hard work and insights!
Thank you and welcome!
Awesome tutorial Tim, as usual you nailed thank you for your hard work.
Now, because of you, I want it ! Thanks for the great work.
Fantastic tutorial... everything explained really well, and worked perfectly.. great way to get up and running with Loki / Promtail / Grafana quickly!!
Glad it helped!
GREAT VIDEO, got me through Loki and Syslog, thank you Tim
Thank you for the demo. I really appreciate it. I am in the process of setting up a syslog server.
Great tutorial! One thing to note if you want to log specific docker containers you don't need to install promtail or change the deamon file. Just need the docker plugin for Loki and extra configuration in docker-compose for your specific containers that should use dedicated Loki logging driver.
Hello, this sound interesting can you give an example or link ? Thanks
Yes please, that will help a ton!
Thank you for your great work, i think i have nearly a copy of your homelab in my home
Thanks for the demo and info, have a great day
Thanks for this tuto. :) I get a lot of value from it :D
Thank you for the video. Helped a lot!
Thank you for your video. I enjoyed it very much and I know what I will do when I have some more free time around christmas this year.
Thank you! Me too!
this tutorial was awesome, appreciate you!
You are my inspiration!! Great job!!
Great presentation of some solid content! Thanks for sharing!
Thank you!
Been using Loki for over 2 years for work and play. Even out performed some enterprise level logging we tried too!
Nice! Thanks for sharing!
Thank you so much for the knowledgeable session
Pfff ...this is great!! 😀
Thx man! Will definitely have a play with this! ✌️
Hope you enjoy it!
This was a lengthy but worth every second. Managed to get this up and running and Im happy but I would love a guide on getting syslog integrated
Nice work! Noted!
Thanks for these excellent walk throughs. It's not easy to cover this level of stuff and still be interesting to watch.
Messing with influxdb but will check out Loki next. Wondering how Loki performs with TBs of logs without switching to cloud storage. Thanks for the video!
Gratefull i found this channel, thanks sir. Greeting from indonesia
Please make a video for Tempo as well!
Then we can see how you monitor logs, traces and metrics using grafana and setting alerts!
That would be cool!
Tempo Maintainer here and YES! Would love to see that!
We went ahead and added Grafana and Loki to our TrueNAS SCALE Apps as well :)
Took some work, but well worth it ^^
Hi Tim, you look like the kind of guy to keep (their system) up to date, but for those that may not know, there was a high-severity, zero-day vulnerability for Grafana a few days ago that enabled remote access to local files. Anybody that could access the site could access any file on the system, like for instance /etc/passwd. There are proof-of-concepts publicly available so it takes hardly any skill for script kiddies to start scanning.
Grafana released a fix right away. If you have not already, install the latest versions / patches!
+1 I've noticed this as well, but by using the "latest" tag the fixed version should be pulled next time you up the containers with the "--build" argument. Just want to add a small note for others as well, that using "latest" is not a best practice, and you should specify the version you want to use (especially in production), else you could end up pulling a vulnerable version without even realizing.
really nice content dude!
i usually do Elasticsearch, i know its heavy in use and maintenance but also plugs into other things like my wiki so its great. Loki does look promising tho.
Great explanation, thanks a lot.
You know it's like really simple to develop plugins for Grafana? In my recent job we had to develop some very custom dashboards on the data we were collecting and it turns out Grafana has this whole eco-system to develop not only panel plugins, or data source plugins, but even app plugins, which integrate directly into the Grafana UI. It's really nice, since you get all user management and auto-reloading of data mechanisms for free :) And when I say easy, I mean really hard if you don't know it's basically React (and I didn't know React). But once you figure it out, it's easy.
It was an interesting video though, I had been wondering about this logging stack for a while and if I should chase it. The thing is, Kibana is just too powerful. Like even having unstructured data and being able to structure it on the fly is just everything.
Very Nicely Explained, keep it up.
Glad you liked it
Thanx a lot. Something that would be cool is to have a guide howto setup loki,mimir,tempo with grafana and prometheus in k8. Thanks!
IDK may be I am wrong fix me if so. The man talks as if he is talking inside my brain. Awesome job
🤯
very nice video, well done, thanks.
Awesome video, Tim! Could you share your dashboard config from 0:47? It looks like exactly what I need.
Thanks, great explanation indeed
Before watching this video I was thinking to myself I wish Tim had a grafana tutorial.
Simply amazing
Remap Caps Lock to Ctrl if your control key is broken! Easier to reach, I do this by default. Great tutorial.
this video is great help
Hey Tim, great tutorial, I had decided on Loki already. Still, I have an issue with how to set up log retention using my Digitalocean space as external storage support, so I'm wondering if you got anything to share on that..?
Great presentation! , thanks you
Glad you liked it!
you can use ./bla (relative path) for binding volume
Thanks!
very nice thanks for this
thank you for validating my use of nano. we are nano brothers, brother.
luvvvvv your channell
Hey Tim, great content as per usual!! I just saw your video and been struggling to set up logging from a firewall with this especially since promtail will be deprecated next year and they are switching to alloy. I wanted to know what are you using today in 2024 and if your still use this setup, have you migrated to alloy instead ?
You can't start logging this professional now dude, I stayed hidden so far from you but now it's impossible 🤣
You have so many docker tutorials and you're actuality running them in your house that... I have to...
I hereby declare you the docker King of UA-cam!
Thanks 😅. I did get a little enterprise on this one, did I? 😆
@@TechnoTim This is what I want in my feed, some good knowledge instead of that Tiktok crap. 😉
Hey Tim, Love the video great job, How would this apply to the Raspberry Pi/Orange Pi/Rock Pi? Thanks for your hard work. Can it be installed on RPi 4 or the others I mentioned above?
hey Tim,
can you make a tutorial on grafana for plex only within docker, saw some other vids and it is looking very cool to monitor plex with it.
keep up the good work
Great video Tim as always! How do you add remote docker hosts on the promtail/loki configuration?
The same way but then point them to the remote server with promtail to ingest!
for the syslog, see if you can point the logs towards a dummy ip address. this way if someone gets into you system, they won't be able to find and mess with the logging server
Great video. Thanks for putting this info out. I will use it to monitor my home network. QQ on syslog, once I place the configuration in the yaml file, I dnt need to use something like rsyslog on a server to listen to the syslog and forward it to promtail? I can send the my syslog directly to promtail container on port 1514?
Great video, I have a question about the promtail adding docker section. when you set up the docker loki driver, the daemon config was sending logs directly to loki so I am not sure what the promtail configuration actually did in this setup. Additionally, the promtail config was set to push from /var/lib/containers.... but this would have ben for the folder within the container of promtail only and not host. Have I missunderstood something?
You are correct, I believe the loki driver method is completely different form the promtail one with the docker pipeline stage
See the other comment I just posted about this for more details :)
Great video! I installed grafana, prometheus, loki and promtail on my Proxmox host and I am really liking it. One question: is there an easy way to get promtail to get logs from my Proxmox LXC containers and VMs? Or do I need to install promtail into each LXC/VM in order to get the logs into loki?
Hello, I have LXC containers (15) with dockers running inside, have you found a way to monitor them without installing the agent on all of them?
I love grep, awk, wc, uniq and sort commands :)
Hi Tim
thanks for all the good stuff you create!
I really would like to log actions on my kids' windows 10 computers (they're 8 yo).
Just "items" like which program has been started and on google & youtube what was being queried/returned/displayed...
Do you have an idea how to achieve that?
Just come across your video. Great tutorial. One question: what dashboard are you using for this? It's something I would be interested in using. Thanks
Thank you !, Your video really help me get this going !. Does someone know about a grafana dashboard ID to see all containers ?
excellent, man! We are evaluating right now a custom logging solution as the ones offered by major cloud providers are quite expensive... alternatives would have been an ELK stack, or something preconfigured as graylog... what do you think? Thanks
really depends on your infra! This is great for cloud, containers, kuerbernetes, and even traditional syslog. If you are already sing grafana that's a plus too!
Hi! Before all, amazing video!!
But, I'm having an issue when I try to do the first query, I see "No logs volume available". I already checked /ready and /metrics and looks good. Do you know which can be the problem?
Thanks a lot
Great tutorial!!! Is is difficult to get logs out of loki without Granfana Dashboard.
Hey, Thanks for providing docker-compose grafana loki setup. Could you please kubernats (using kind) grafana loki yml if possible(for capturing the ISTIO logs)
Hello. Thanks for the video. You can made a video how monitor docker host machine and containers using prometheus and grafana daskboards?
Hi, great video. Inspired me to try Loki in my k3s system for my app. I have an issue though. I cannot query logs that are older than 1 hour (no data is returned). Do you potentially know what could be the cause of that, which configuration, because I spend a couple of hours and cannot find the solution.
Unfortunately, I found that the syslog functions do not work with my firewall (SonicWALL) and promtail. Looking at some dashboards on Grafana related to SonicWALL it says something about setting up rsyslog in front of promtail to get it to work.
Is there a GitHub repository showing the various configuration files? That would be helpful.
Hi , may I know how to add the prometheus , snmp exporter also include in the docker?
My purpose is monitor linux system, windows system , and network deivce e.g Cisco switch , FortiGate firewall . Thank you
Hi , I tried to extract logs from mssql server using promtail , loki grafana I window environment, logs are coming to grafana dashboard. Problem here is in logs words are displaying as I n s t a n c e instead of instance. Can you please help with solution to resolve my issue.
Thanks 😎
Liked and subscribed. Thanks for sharing.
Thanks for the sub!
And for the like!
and for the comment! 🚀
Is there a video on how to set up the dashboard?
1. Is Loki-Promtail stack suitable for aggregating and shipping logs that are generated at microsecond level?.
2. When logs are available in multiple files, promtail ships the logs in round robin fashion, spoiling the order of the logs. (Let's say logs generated through rolling file appender fashion).
Any comments will be helpful.
I got this working well for standard logs . I'm curious if I can send other logs, like from ansible pull or from application that I write, to promtail as well.
Google wasn't useful for answering this question, so maybe I'll hit up reddit and Grafana forums.
Could you talk about the loki version(distributed-loki) and how to install please :)
I have been using loki, It is great, I use it with promtail, the only issue is that the documentation is horrendous, it assumes you know how to use prometheus, and I do not.. I do have an issue getting loki and promtail to start up properly in docker due to the lack of delayed starts. ALSO If anyone has ideas for log rotation management easier than dealing with logrotate.d?
Great thumbnail! 😁
Haha! Thanks! I figured I would get creative on this one!
Hey Tim and thanks for this great presentation!
Can the Loki config be written inside the docker-compose file instead of refering to a seperate external file?
I think so, I think you can pipe yaml into yaml. So much yaml! haha! Should work though.
Thanks for the overview! Just etc != etsy :D
I used Rancher Monitoring from your previous tutorial with Grafana. I had to remove it since it uses a lot of resources.
Yeah, that installs prometheus, grafana, alert manager, and everything to log and alert for an entire cluster. Prometheus uses a lot of cycles. This is much lighter and you can actually send all your logs from your cluster using this.
Hi friends,
Note : logs are from ubuntu server....
I'm looking for a log retention for 3 months in grafana loki .... How can we extend the retention period from the default 30 days to 90 days ??
Loki is great, very versatile. Be warned tho if you have limited storage space the loki database can grow in size quick!
Edit: loki doesn't trim old logs by default.. I only keep logs up to two weeks old. Huge data saver!
Good tip!
What config items do you need to set to change the default storage locations? I'm looking at their config reference and having trouble making sense of it
This is the first I though when Tim was explaining the setup.
Hey Tim - great information in your videos! Through lots of tinkering, I've managed to get k3s, cert-manager, rancher, traefik with tls certs up and running under Proxmox (I backed up my whole server, reformatted with Proxmox, created a VM and restored the server which runs 35+ containers in docker for my homelab). I want to get Grafana Loki but also want the prometheus and alerting too from your monitoring video. It looks like installing monitoring via the marketplace gets charts etc but do you just add loki rather than the loki stack? Adding loki stack seems to add things but there were no charts by default installed. Again, thanks for your awesome work. Your homelab machinery is sweet!
Hi! Thank you! Nice stack! Yeah, if you just want loki and grafana use the lokie stack (I have the commands in my docs) but you can also tailor the helm command if you already have grafana installed. This is probably what you want so that you can use your existing install.
@@TechnoTim So I installed the Rancher Monitoring package (brought in prometheus and customized grafana), installed standalone grafana and added rancher monitoring prometheus (worked), then installed loki-stack with just loki (with persistent storage), Promtail, and prometheus (could probably use the rancher monitoring one but couldn't figure out how to configure Promtail to use it vs the one it links to) enabled and added loki as a datastore to standalone grafana. Worked! So I have alerts now going to Slack, loki collecting and filtering logs, and grafana to view either prometheus or loki logs. Now just need to add in my Unifi data source and teslamate datastore once those containers are moved from docker-based system to k3s. Now back to the day job...
Awesome video @TechnoTim . Around the 15:24 mark, he was talking about how you would usually check Docker logs then scrolled down his container names, how did he do that? I'm assuming it is a particular shell, maybe? Anyone knows?
I am using zsh with oh-my-zsh and the docker plugin enabled. Search my website for zsh. I have examples.
Great video, just set it up. One question though: Retention, what are the limits, and where can you set them to stop it taking up all the space on my host?!
Log retention is configurable
Hey Tim, great tutorial I had a bit of difficulty to set it up on my synology NAS, case, je deamon.json is not located in /etc/docker...
it's in /var/packages/Docker/etc wich is a siimlink to /volume1/@appconf/Docker
and second diff it's not named daemon.json but dockerd.json...
this may help people using their Synology NAS to host a few apps ;)
Great find!
Hi Tim Great video. I got the local logs working fine but when trying to get the logs from my docker containers its not working. Could you please point me in the right direction to check for any logs as to where it could be failing ?
Thanks
Be sure that your yaml for promtail is correct after applying the changes. Check promtail logs to be sure there aren't any errors
Yes I want to see how to push pfsense logs and I want to see what a logs dashboard would look like
let me ask 1 question Loki is possible to connect with old container logs after using docker plugin
A new video, I love it // Vermium
Good to see you! Hope you're well!
@@TechnoTim I am! I hope you're well too!