Loggly provides the infrastructure to aggregate and normalize log events so they are available to explore interactively, build visualizations, or create threshold-based alerting. In general, any method to send logs from a system or application to an external source can be adapted to send logs to Loggly. The following instructions provide one scenario for sending logs to Loggly.
The following article describes how to implement a unified logging system for your Docker containers and then send them to Loggly via the open source log collector Fluentd. Fluentd has a variety of filters and parsers that allow you to pre-process logs locally before sending them to Loggly.
Please follow the instructions below to set up your Docker container to send logs to Fluentd:
You can get Fluentd on RHEL / CentOS, Ubuntu, MacOS X, Windows, or Ruby.
Once you have the Fluentd logging set up as described above on the Docker container, you can then follow the link below to see the instructions to send the logs to Loggly. We recommend tagging the logs that are coming from your container via Fluentd to include a tag such as ‘docker’ in order to easily locate your Docker logs in Loggly’s Dynamic Field Explorer.
- GitHub Readme – Describes setup as well as source code
- Fluentd tags – Example of how to populate Loggly tags from Fluentd tags using fluent-plugin-forest
If you don’t see any data in the verification step, check for these common problems.
- Wait a few minutes in case indexing needs to catch up
- Verify the container is running and that it has mapped port 514 by running sudo docker ps -a
- Send test events from inside each of the containers and from the host to see which point in the chain is dropping logs
- Search or post your own Docker logs, Fluentd, Docker daemon, or other Docker-related question in the community forum.