What SIMPLE log aggregator for homelab use? (alien.top)

submitted 11 months ago by domanpanda@alien.top to c/main@selfhosted.forum

7 comments fedilink hide all child comments

First of all i DONT'T ask what DO YOU use, because i know some ppl have really advanced and fancy stuff at home. So if you want give advice please try to make it relevant to this post. Otherwise it wont be usefull much.

Im looking for some simple log aggregator system which allows me to see logs in one place (like web panel). Logs i want to observe are:

syslogs from few machines
docker containers logs
logs in docker volumes (like nginx proxy configs)

I dont need fancy filtering, querying, alerting, visualisations, webhooks etc. I just want to gather my logs in one place and be able to quickly check them out. For example ELK stack which i used in the past is complete opposite of this.

Ive seen Loki, but it requires to learn graphQL and there are some weird issues with docker driver (like freezing all containers when loki goes down??).

Ive seen Graylog tutorial by Lawrence Systems and it seems to be simpler on the surface, yet powerfull if needed. Im checking now how to monitor docker with it.

Ive seen some swear by splunk - that it's easy to setup - is it true?

top 7 comments

sorted by: hot top controversial new old

[-] Undefined_ID@alien.top 1 points 11 months ago

LibreNMS include syslog-ng in its docker version: https://github.com/librenms/docker#syslog-ng-container
in addition to having one of the best open source software for monitoring, you will have an easy-to-use aggregator for your logs.

[-] domanpanda@alien.top 1 points 11 months ago

Can it monitor containers or some files?

[-] dumbasPL@alien.top 1 points 11 months ago

!remindme 48h

[-] xXAzazelXx1@alien.top 1 points 11 months ago

Splunk is not free , right?

[-] osuhickeys@alien.top 1 points 11 months ago

Dozzle

[-] chignole@alien.top 1 points 11 months ago

I use dozzle to access my containers logs, it's simple and yet works very well for my needs, but OP needs to monitor syslogs and i don't know if it's possible with Dozzle ?

[-] Xenkath@alien.top 1 points 11 months ago

I really like Seq. It supports tons of log types, including GELF, which means you can configure your docker hosts to send all container logs to Seq with just a couple lines in Docker’s daemon.json file.

Setup is pretty simple as a docker compose stack containing the Seq container and a container for ingesting each of the log types you plan to use.

If you wanted to try it out, I’d recommend setting up Seq with seq-input-gelf and seq-input-syslog, and setting up nginx to send access and error logs to syslog as detailed here.

this post was submitted on 21 Nov 2023

0 points (50.0% liked)

Self-Hosted Main

504 readers

1 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

For Example

Service: Dropbox - Alternative: Nextcloud
Service: Google Reader - Alternative: Tiny Tiny RSS
Service: Blogger - Alternative: WordPress

We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Also include hints and tips for less technical readers.

Useful Lists

Awesome-Selfhosted List of Software
Awesome-Sysadmin List of Software

founded 1 year ago

MODERATORS

communick@selfhosted.forum