Log Collection - eviltoast

I’m in the process of re-configuring my home lab and would like to get some help figuring out log collection. My setup was a hodgepodge of systems/OSes using rsyslog to send syslogs to a syslog listener on my qnap but that’s not going to work anymore (partly because the qnap is gone).

My end-goal is going to be as homogeneous as I can manage. Mostly Debian 12 systems (phy and vm) and Docker containers. Does anyone know of a FOSS solution that can ingest journald, syslog, and if it’s even possible to send docker logs to a log collector?

Thanks

  • Dogeek@sh.itjust.works

    You could use Grafana Loki to handle logs; it’s similar to Prometheus, so if you’re already using that and/or Grafana it’s an easy setup, and the API is really simple too.

    • farcaller@fstab.sh

      I second this. Loki for logs, VictoriaMetrics for metrics―it’s significantly more lightweight than ELK logging (and any lags are irrelevant for a homelab), and VM is similarly much more careful with RAM than Prometheus.

      • keyez@lemmy.world

        Much less intensive than an Elasticsearch anything. I have Loki, Grafana and 3 promtail clients running for my env (switched from Graylog/Elasticsearch), and over the last few days Loki is sitting at 3GB memory and 8% CPU processing logs for about 6 devices.
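
To illustrate the Loki push API mentioned in the replies, here is an added example (not code from the thread or from the Loki project) that turns `journalctl -o json` output into the JSON body for `POST /loki/api/v1/push`, including journald's byte-array encoding of non-UTF-8 messages. The sample entries are constructed, and the Loki address `http://localhost:3100` and the label names `host`, `job` and `unit` are assumptions.

```python
import json
import urllib.request
from collections import defaultdict

# Constructed sample: three entries in `journalctl -o json` format (values invented).
SAMPLE_JOURNAL = """\
{"__REALTIME_TIMESTAMP":"1700000000000000","_HOSTNAME":"deb12-a","_SYSTEMD_UNIT":"ssh.service","MESSAGE":"Accepted publickey for admin from 192.0.2.10 port 50222"}
{"__REALTIME_TIMESTAMP":"1700000001500000","_HOSTNAME":"deb12-a","_SYSTEMD_UNIT":"ssh.service","MESSAGE":[70,97,105,108]}
{"__REALTIME_TIMESTAMP":"1700000002000000","_HOSTNAME":"deb12-a","MESSAGE":"kernel: link up"}
"""

def message_text(raw):
    """journald emits a non-UTF-8 MESSAGE as a list of byte values, or null if too large."""
    if isinstance(raw, list):
        return bytes(raw).decode("utf-8", errors="replace")
    return "" if raw is None else str(raw)

def journal_to_loki(lines, job="journald"):
    """Group journal entries into Loki streams keyed by a small, fixed label set."""
    streams = defaultdict(list)
    for line in lines.splitlines():
        if not line.strip():
            continue
        entry = json.loads(line)
        labels = (
            ("host", entry.get("_HOSTNAME", "unknown")),
            ("job", job),
            ("unit", entry.get("_SYSTEMD_UNIT", "none")),
        )
        # journald timestamps are microseconds; Loki expects nanoseconds as a string.
        ts_ns = str(int(entry["__REALTIME_TIMESTAMP"]) * 1000)
        streams[labels].append([ts_ns, message_text(entry.get("MESSAGE"))])
    return {"streams": [
        {"stream": dict(k), "values": sorted(v, key=lambda p: int(p[0]))}
        for k, v in streams.items()
    ]}

def push(payload, base_url="http://localhost:3100"):  # assumed Loki address
    """Send the payload to Loki's push endpoint and return the HTTP status."""
    req = urllib.request.Request(
        base_url + "/loki/api/v1/push",
        data=json.dumps(payload).encode("utf-8"),
        headers={"Content-Type": "application/json"},
        method="POST",
    )
    with urllib.request.urlopen(req, timeout=5) as resp:
        return resp.status

if __name__ == "__main__":
    print(json.dumps(journal_to_loki(SAMPLE_JOURNAL), indent=2))
```

Keeping per-entry values such as PIDs or source addresses in the log line rather than in labels keeps the number of streams small.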