OK, nerd talk: What's your favorite logging system? (would this ever come up in a normal conversation???)

These guides are insane. No one goes to the detail that you do. You explain why and how commands and config files work rather that just reading them. Love your channel!

Great tutorial! One thing to note if you want to log specific docker containers you don't need to install promtail or change the deamon file. Just need the docker plugin for Loki and extra configuration in docker-compose for your specific containers that should use dedicated Loki logging driver.

Thanks man! This is just so much easier and less troublesome then configuring a proper ELK stack.

I've watched so many deployment videos trying to get a better all around understanding on all the NMS out there, what they can do, how they operate under the hood, etc. This by far is the absolute best I have seen and definitely earned you a sub. Most deployment videos tend to be quite dry, very un-explainative, and usually feel like a 'just do this real quick and it works' video. Thank you!!!

IDK may be I am wrong fix me if so. The man talks as if he is talking inside my brain. Awesome job

Yo bro, I like your video and the way explained every single bit and steps are just beyond awesome. Thanks for this quality content. God bless you my friend.

Been using Loki for over 2 years for work and play. Even out performed some enterprise level logging we tried too!

"Make sure you're in a directory... I dont know where else you'd be..." Made me laugh so hard xD

Please make a video for Tempo as well! Then we can see how you monitor logs, traces and metrics using grafana and setting alerts! That would be cool!

Hi Tim, you look like the kind of guy to keep (their system) up to date, but for those that may not know, there was a high-severity, zero-day vulnerability for Grafana a few days ago that enabled remote access to local files. Anybody that could access the site could access any file on the system, like for instance /etc/passwd. There are proof-of-concepts publicly available so it takes hardly any skill for script kiddies to start scanning. Grafana released a fix right away. If you have not already, install the latest versions / patches!

Thanks! This was informative! It's worth mentioning that Promtail is not required if you are setting Loki as the Docker daemon default logging driver

Excellent! I am a long time user of Grafana and do a lot with it, but now the job is to manage the logs: here we are! Loki is the tool we want to deploy. Thanks a lot for your video, brillant, will be very helpful!

This was a lengthy but worth every second. Managed to get this up and running and Im happy but I would love a guide on getting syslog integrated

Now, because of you, I want it ! Thanks for the great work.

5 min in and I can already tell your my new favorite tech guide guy. The detail is really welcome!

GREAT VIDEO, got me through Loki and Syslog, thank you Tim

We went ahead and added Grafana and Loki to our TrueNAS SCALE Apps as well :) Took some work, but well worth it ^^

I was waiting for this video. Very well explained as always, thanks Tim ! To take a quick glance at my docker logs, i like to use Dozzle, a very small and straight to the point tool, but it does the job

Just found your channel. I freaking LOVE these deep dives. Thank you so much for your hard work and insights!

Before watching this video I was thinking to myself I wish Tim had a grafana tutorial.

Thank you for the demo. I really appreciate it. I am in the process of setting up a syslog server.

You know it's like really simple to develop plugins for Grafana? In my recent job we had to develop some very custom dashboards on the data we were collecting and it turns out Grafana has this whole eco-system to develop not only panel plugins, or data source plugins, but even app plugins, which integrate directly into the Grafana UI. It's really nice, since you get all user management and auto-reloading of data mechanisms for free :) And when I say easy, I mean really hard if you don't know it's basically React (and I didn't know React). But once you figure it out, it's easy.

thank you for validating my use of nano. we are nano brothers, brother.

Hi! Before all, amazing video!! But, I'm having an issue when I try to do the first query, I see "No logs volume available". I already checked /ready and /metrics and looks good. Do you know which can be the problem? Thanks a lot

Fantastic tutorial... everything explained really well, and worked perfectly.. great way to get up and running with Loki / Promtail / Grafana quickly!!

Thanx a lot. Something that would be cool is to have a guide howto setup loki,mimir,tempo with grafana and prometheus in k8. Thanks!

Thanks for this tuto. :) I get a lot of value from it :D

This is great and timely! Awesome vid! You make logging look fun! Gonna try it out right now!

Remap Caps Lock to Ctrl if your control key is broken! Easier to reach, I do this by default. Great tutorial.

Thank you for your great work, i think i have nearly a copy of your homelab in my home

Thanks for the demo and info, have a great day

Thank you for the video. Helped a lot!

Thank you so much for the knowledgeable session

Can this be used in a closed source commercial product? The AGPL license is concerning. Even though no changes are made to the source code, and it would only be used for internal purposes, section 13 of the license is concerning. The software is a web application, so it would be accessible over a network, and while logs would obviously not be shown to end users, and technically aren't even necessary for the application to work, they are necessary for development and debugging.. Can't figure out whether it can be used in my company or not

Awesome tutorial Tim, as usual you nailed thank you for your hard work.

New monitoring: error and alert monitoring: CheckMK performance monitoring: Prometheus + Grafana log monitoring: Loki + Grafana status monitoring: uptime kuma

Thank you for your video. I enjoyed it very much and I know what I will do when I have some more free time around christmas this year.

Gratefull i found this channel, thanks sir. Greeting from indonesia

Is there a GitHub repository showing the various configuration files? That would be helpful.

Loki is great, very versatile. Be warned tho if you have limited storage space the loki database can grow in size quick! Edit: loki doesn't trim old logs by default.. I only keep logs up to two weeks old. Huge data saver!

You can't start logging this professional now dude, I stayed hidden so far from you but now it's impossible 🤣 You have so many docker tutorials and you're actuality running them in your house that... I have to... I hereby declare you the docker King of KZbin!

Great video, I have a question about the promtail adding docker section. when you set up the docker loki driver, the daemon config was sending logs directly to loki so I am not sure what the promtail configuration actually did in this setup. Additionally, the promtail config was set to push from /var/lib/containers.... but this would have ben for the folder within the container of promtail only and not host. Have I missunderstood something?

Awesome video, Tim! Could you share your dashboard config from 0:47? It looks like exactly what I need.

The docker loki plugin had a serious problem, so it was not an option for production use. I don´ t know if this issue has been solved. The last time I was reading through the related issues the developers said, that they might not be able to provide a solution anytime soon. Let me describe: If your container host has high IO load and/or the loki server is not reachable for some reason the whole docker daemon hang up, because it wasn´t able to write the logs. The worst possible situation is when shutting down multiple containers. It wasn´ t possible to define some timeout. It was required to kill the daemon process and remove the container files (/var/lib/docker/containers) the daemon normally manages. I never used the plugin again. I´m happy with configuring the log property of a container and have promtail to scrape this. The result is the same, but without the possibility of a blocked daemon.

Messing with influxdb but will check out Loki next. Wondering how Loki performs with TBs of logs without switching to cloud storage. Thanks for the video!

Great presentation of some solid content! Thanks for sharing!

Hey Tim, great content as per usual!! I just saw your video and been struggling to set up logging from a firewall with this especially since promtail will be deprecated next year and they are switching to alloy. I wanted to know what are you using today in 2024 and if your still use this setup, have you migrated to alloy instead ?

Thanks for these excellent walk throughs. It's not easy to cover this level of stuff and still be interesting to watch.

Hi , I tried to extract logs from mssql server using promtail , loki grafana I window environment, logs are coming to grafana dashboard. Problem here is in logs words are displaying as I n s t a n c e instead of instance. Can you please help with solution to resolve my issue.

You are my inspiration!! Great job!!

this tutorial was awesome, appreciate you!

Awesome video!

i usually do Elasticsearch, i know its heavy in use and maintenance but also plugs into other things like my wiki so its great. Loki does look promising tho.

Pfff ...this is great!! 😀 Thx man! Will definitely have a play with this! ✌️

Hi , may I know how to add the prometheus , snmp exporter also include in the docker? My purpose is monitor linux system, windows system , and network deivce e.g Cisco switch , FortiGate firewall . Thank you

Stupid question, what do you use for SIEM solution in this setup, LOKI is not one or do they plan on it as per github. What would you forward logs to? Graylog or ELK?

Very Nicely Explained, keep it up.

Hey Tim, Love the video great job, How would this apply to the Raspberry Pi/Orange Pi/Rock Pi? Thanks for your hard work. Can it be installed on RPi 4 or the others I mentioned above?

Tried Loki, because it's easy to correlate it with Jaeger so you could check out traces based on trace ids found in logs. But to have advanced features on your logs, there's nothing else like elk+kibana. It only depends on what your needs are. Cheers and thumbs up for your videos ;) keep up the good work!

Great explanation, thanks a lot.

Used graylog for a while, hated it. This looks much nicer, going to give it a whirl. Currently just aggregating into a rsyslog server with some scripts to compress and logrotate.

Thanks, great explanation indeed

Hello, I have LXC containers (15) with dockers running inside, have you found a way to monitor them without installing the agent on all of them?

for the syslog, see if you can point the logs towards a dummy ip address. this way if someone gets into you system, they won't be able to find and mess with the logging server

Great video! I installed grafana, prometheus, loki and promtail on my Proxmox host and I am really liking it. One question: is there an easy way to get promtail to get logs from my Proxmox LXC containers and VMs? Or do I need to install promtail into each LXC/VM in order to get the logs into loki?

I love grep, awk, wc, uniq and sort commands :)

Simply amazing

you can use ./bla (relative path) for binding volume

Great video. Thanks for putting this info out. I will use it to monitor my home network. QQ on syslog, once I place the configuration in the yaml file, I dnt need to use something like rsyslog on a server to listen to the syslog and forward it to promtail? I can send the my syslog directly to promtail container on port 1514?

Awesome video @TechnoTim . Around the 15:24 mark, he was talking about how you would usually check Docker logs then scrolled down his container names, how did he do that? I'm assuming it is a particular shell, maybe? Anyone knows?

Hi Tim thanks for all the good stuff you create! I really would like to log actions on my kids' windows 10 computers (they're 8 yo). Just "items" like which program has been started and on google & youtube what was being queried/returned/displayed... Do you have an idea how to achieve that?

Can this be done in a VM? I really don't have the time to learn about docker, containers. Thanks.

really nice content dude!

I got this working well for standard logs . I'm curious if I can send other logs, like from ansible pull or from application that I write, to promtail as well. Google wasn't useful for answering this question, so maybe I'll hit up reddit and Grafana forums.

excellent, man! We are evaluating right now a custom logging solution as the ones offered by major cloud providers are quite expensive... alternatives would have been an ELK stack, or something preconfigured as graylog... what do you think? Thanks

I seem to be missing something with the syslog portion. I set it up with the listening ports. I then went into one of my network devices and pointed it to loki on port 1514. Now what? I don't see anything in grafana indicating that any syslogs are coming in. I must be missing something really basic.

Hey, Thanks for providing docker-compose grafana loki setup. Could you please kubernats (using kind) grafana loki yml if possible(for capturing the ISTIO logs)

very nice video, well done, thanks.

I would like to reach a position where my ctrl and enter breaks. How can I do it?

Great tutorial!!! Is is difficult to get logs out of loki without Granfana Dashboard.

Hi, I am setting up Grafana, Loki, and Promtail for an upcoming project, and I am using syslog-ng to receive logs from external devices. Can you create a video tutorial on using syslog-ng with Grafana Loki?

Hey Tim - great information in your videos! Through lots of tinkering, I've managed to get k3s, cert-manager, rancher, traefik with tls certs up and running under Proxmox (I backed up my whole server, reformatted with Proxmox, created a VM and restored the server which runs 35+ containers in docker for my homelab). I want to get Grafana Loki but also want the prometheus and alerting too from your monitoring video. It looks like installing monitoring via the marketplace gets charts etc but do you just add loki rather than the loki stack? Adding loki stack seems to add things but there were no charts by default installed. Again, thanks for your awesome work. Your homelab machinery is sweet!

Hi Techno Tim, Docker compose does not work. Services are not exposed... I get a 404 page not found at port 3100 the port 3000 is not exposed at all... What do i have to do now?

let me ask 1 question Loki is possible to connect with old container logs after using docker plugin

this video is great help

Unfortunately, I found that the syslog functions do not work with my firewall (SonicWALL) and promtail. Looking at some dashboards on Grafana related to SonicWALL it says something about setting up rsyslog in front of promtail to get it to work.

1. Is Loki-Promtail stack suitable for aggregating and shipping logs that are generated at microsecond level?. 2. When logs are available in multiple files, promtail ships the logs in round robin fashion, spoiling the order of the logs. (Let's say logs generated through rolling file appender fashion). Any comments will be helpful.

Hi friends, Note : logs are from ubuntu server.... I'm looking for a log retention for 3 months in grafana loki .... How can we extend the retention period from the default 30 days to 90 days ??

Great video, just set it up. One question though: Retention, what are the limits, and where can you set them to stop it taking up all the space on my host?!

Thank you !, Your video really help me get this going !. Does someone know about a grafana dashboard ID to see all containers ?

Hi, great video. Inspired me to try Loki in my k3s system for my app. I have an issue though. I cannot query logs that are older than 1 hour (no data is returned). Do you potentially know what could be the cause of that, which configuration, because I spend a couple of hours and cannot find the solution.

Hi Tim Great video. I got the local logs working fine but when trying to get the logs from my docker containers its not working. Could you please point me in the right direction to check for any logs as to where it could be failing ? Thanks

Hey Tim, great tutorial I had a bit of difficulty to set it up on my synology NAS, case, je deamon.json is not located in /etc/docker... it's in /var/packages/Docker/etc wich is a siimlink to /volume1/@appconf/Docker and second diff it's not named daemon.json but dockerd.json... this may help people using their Synology NAS to host a few apps ;)

A new video, I love it // Vermium

very nice thanks for this

Is there a video on how to set up the dashboard?

Great presentation! , thanks you

It looks promising but what about the syslog listener. Can you specify if it should listen for UDP or TCP? Some of the applications that we have can not do either UDP or TCP, so we have to have individual inputs in graylog for them. Also, if its a major hasle to get readable syslogs from some servers, then I wonder how much time i would have to spend to set this up for all our types of serves/applications

I used Rancher Monitoring from your previous tutorial with Grafana. I had to remove it since it uses a lot of resources.