Graylog - docker swarm fields
DevOps Asked by Wer Bn on September 29, 2020
I have a Docker swarm with a configured Graylog server and the rest of its stack, along with a Logspout service with a replica in all of the swarm’s nodes
As you might know, docker swarm is composed of stacks that have services that spawn tasks.
Every time a task (equivalent to a container) docker has a policy to restart it.
So, in Graylog what I want to achieve is some kind of aggregation by service name or id, without regard for the task.
The problem is this:
Graylog only has those searchable fields related with docker, by default at least.
In my case, it would be very useful if I had docker_service.
I can imagine some sort of extractor that retrieved this information from the docker service and fed Graylog with other useful stuff: the tasks’s networks, stack, volumes, etc…
There is a similar question here. But the answer doesn’t quite fit. You have to change the log itself for it to work, when you already have that information in the docker engine API.
Is there any way "out of the box" of achieving this
Graylog version: 3.3.2
Docker version: 19.03.12
Logspout version: v3-master
Add your own answers!
Ask a Question
Get help from others!
Recent Questions
- How can I transform graph image into a tikzpicture LaTeX code?
- How Do I Get The Ifruit App Off Of Gta 5 / Grand Theft Auto 5
- Iv’e designed a space elevator using a series of lasers. do you know anybody i could submit the designs too that could manufacture the concept and put it to use
- Need help finding a book. Female OP protagonist, magic
- Why is the WWF pending games (“Your turn”) area replaced w/ a column of “Bonus & Reward”gift boxes?
Recent Answers
- Peter Machado on Why fry rice before boiling?
- haakon.io on Why fry rice before boiling?
- Lex on Does Google Analytics track 404 page responses as valid page views?
- Jon Church on Why fry rice before boiling?
- Joshua Engel on Why fry rice before boiling?