First of all i DONT’T ask what DO YOU use, because i know some ppl have really advanced and fancy stuff at home. So if you want give advice please try to make it relevant to this post. Otherwise it wont be usefull much.
Im looking for some simple log aggregator system which allows me to see logs in one place (like web panel). Logs i want to observe are:
- syslogs from few machines
- docker containers logs
- logs in docker volumes (like nginx proxy configs)
I dont need fancy filtering, querying, alerting, visualisations, webhooks etc. I just want to gather my logs in one place and be able to quickly check them out. For example ELK stack which i used in the past is complete opposite of this.
Ive seen Loki, but it requires to learn graphQL and there are some weird issues with docker driver (like freezing all containers when loki goes down??).
Ive seen Graylog tutorial by Lawrence Systems and it seems to be simpler on the surface, yet powerfull if needed. Im checking now how to monitor docker with it.
Ive seen some swear by splunk - that it’s easy to setup - is it true?
LibreNMS include syslog-ng in its docker version: https://github.com/librenms/docker#syslog-ng-container
in addition to having one of the best open source software for monitoring, you will have an easy-to-use aggregator for your logs.