How to create rolling logs for Filebeat within a docker container












0















I'm new to log4j2 and the elastic stack.



I have a filebeat docker container that doesn't work exactly how I want and now I want to take a look at the logs. But when I do docker-compose logs I get a lot debug messages and json objects. It's unreadable how much there is.



How can I create a log4j2 properties setup to create some rolling log files. Maybe put the old logs into a monthly based folder or something? and where do I put this log4j2.properties file?






docker logging log4j2 elastic-stack filebeat







share|improve this question

























  • Did you manage to try out the answer below or confirm a solution of your own?

    – Alexandre Juma
    Nov 30 '18 at 10:20
















0















I'm new to log4j2 and the elastic stack.



I have a filebeat docker container that doesn't work exactly how I want and now I want to take a look at the logs. But when I do docker-compose logs I get a lot debug messages and json objects. It's unreadable how much there is.



How can I create a log4j2 properties setup to create some rolling log files. Maybe put the old logs into a monthly based folder or something? and where do I put this log4j2.properties file?






docker logging log4j2 elastic-stack filebeat







share|improve this question

























  • Did you manage to try out the answer below or confirm a solution of your own?

    – Alexandre Juma
    Nov 30 '18 at 10:20














0












0








0








I'm new to log4j2 and the elastic stack.



I have a filebeat docker container that doesn't work exactly how I want and now I want to take a look at the logs. But when I do docker-compose logs I get a lot debug messages and json objects. It's unreadable how much there is.



How can I create a log4j2 properties setup to create some rolling log files. Maybe put the old logs into a monthly based folder or something? and where do I put this log4j2.properties file?






docker logging log4j2 elastic-stack filebeat







share|improve this question
















I'm new to log4j2 and the elastic stack.



I have a filebeat docker container that doesn't work exactly how I want and now I want to take a look at the logs. But when I do docker-compose logs I get a lot debug messages and json objects. It's unreadable how much there is.



How can I create a log4j2 properties setup to create some rolling log files. Maybe put the old logs into a monthly based folder or something? and where do I put this log4j2.properties file?






docker logging log4j2 elastic-stack filebeat




docker logging log4j2 elastic-stack filebeat






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Oct 17 '18 at 12:40







Jeggy

















asked Oct 17 '18 at 12:32









JeggyJeggy

262521




262521













  • Did you manage to try out the answer below or confirm a solution of your own?

    – Alexandre Juma
    Nov 30 '18 at 10:20



















  • Did you manage to try out the answer below or confirm a solution of your own?

    – Alexandre Juma
    Nov 30 '18 at 10:20

















Did you manage to try out the answer below or confirm a solution of your own?

– Alexandre Juma
Nov 30 '18 at 10:20





Did you manage to try out the answer below or confirm a solution of your own?

– Alexandre Juma
Nov 30 '18 at 10:20












1 Answer
1






active

oldest

votes


















0














It's generating a lot of logs because you're running docker-compose logs, which will get the logs for all containers in your docker compose file.



What you want is probably:





  • docker logs <name-of-filebeat-container>. The name of the filebeat container can be found doing a docker ps.


  • docker compose logs <name-of-filebeat-service>. The name of the service can be found on your docker-composer.yml file.


Regarding the JSON outputs, you can query your Docker engine default logging driver with: 



# docker info | grep 'Logging Driver'

Logging Driver: json-file


If your container have a different Logging Driver you can check with:



docker inspect -f '{{.HostConfig.LogConfig.Type}}' <name-or-id-of-the-container>


You can find all log drivers in this link



To run containers with a different log-driver you can do:




  • With docker run: docker run -it --log-driver <log-driver> alpine ash


  • With docker-compose: 



    `logging:
    
  driver: syslog
    
  options:
    
    syslog-address: "tcp://192.168.0.42:123"`



Regarding your log rotation questio, I'd say the easyest way is to configure the logging driver with the syslog driver, configure it to your local machine (or your syslog server) and then logrotate the files.



You can find several logrotate articles for Linux (which I assume you're using), for example this one






share|improve this answer























    Your Answer






    StackExchange.ifUsing("editor", function () {
    StackExchange.using("externalEditor", function () {
    StackExchange.using("snippets", function () {
    StackExchange.snippets.init();
    });
    });
    }, "code-snippets");

    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "1"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f52854955%2fhow-to-create-rolling-logs-for-filebeat-within-a-docker-container%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    0














    It's generating a lot of logs because you're running docker-compose logs, which will get the logs for all containers in your docker compose file.



    What you want is probably:





    • docker logs <name-of-filebeat-container>. The name of the filebeat container can be found doing a docker ps.


    • docker compose logs <name-of-filebeat-service>. The name of the service can be found on your docker-composer.yml file.


    Regarding the JSON outputs, you can query your Docker engine default logging driver with: 



    # docker info | grep 'Logging Driver'
    
Logging Driver: json-file


    If your container have a different Logging Driver you can check with:



    docker inspect -f '{{.HostConfig.LogConfig.Type}}' <name-or-id-of-the-container>


    You can find all log drivers in this link



    To run containers with a different log-driver you can do:




    • With docker run: docker run -it --log-driver <log-driver> alpine ash


    • With docker-compose: 



      `logging:
      
  driver: syslog
      
  options:
      
    syslog-address: "tcp://192.168.0.42:123"`



    Regarding your log rotation questio, I'd say the easyest way is to configure the logging driver with the syslog driver, configure it to your local machine (or your syslog server) and then logrotate the files.



    You can find several logrotate articles for Linux (which I assume you're using), for example this one






    share|improve this answer




























      0














      It's generating a lot of logs because you're running docker-compose logs, which will get the logs for all containers in your docker compose file.



      What you want is probably:





      • docker logs <name-of-filebeat-container>. The name of the filebeat container can be found doing a docker ps.


      • docker compose logs <name-of-filebeat-service>. The name of the service can be found on your docker-composer.yml file.


      Regarding the JSON outputs, you can query your Docker engine default logging driver with: 



      # docker info | grep 'Logging Driver'
      
Logging Driver: json-file


      If your container have a different Logging Driver you can check with:



      docker inspect -f '{{.HostConfig.LogConfig.Type}}' <name-or-id-of-the-container>


      You can find all log drivers in this link



      To run containers with a different log-driver you can do:




      • With docker run: docker run -it --log-driver <log-driver> alpine ash


      • With docker-compose: 



        `logging:
        
  driver: syslog
        
  options:
        
    syslog-address: "tcp://192.168.0.42:123"`



      Regarding your log rotation questio, I'd say the easyest way is to configure the logging driver with the syslog driver, configure it to your local machine (or your syslog server) and then logrotate the files.



      You can find several logrotate articles for Linux (which I assume you're using), for example this one






      share|improve this answer


























        0












        0








        0







        It's generating a lot of logs because you're running docker-compose logs, which will get the logs for all containers in your docker compose file.



        What you want is probably:





        • docker logs <name-of-filebeat-container>. The name of the filebeat container can be found doing a docker ps.


        • docker compose logs <name-of-filebeat-service>. The name of the service can be found on your docker-composer.yml file.


        Regarding the JSON outputs, you can query your Docker engine default logging driver with: 



        # docker info | grep 'Logging Driver'
        
Logging Driver: json-file


        If your container have a different Logging Driver you can check with:



        docker inspect -f '{{.HostConfig.LogConfig.Type}}' <name-or-id-of-the-container>


        You can find all log drivers in this link



        To run containers with a different log-driver you can do:




        • With docker run: docker run -it --log-driver <log-driver> alpine ash


        • With docker-compose: 



          `logging:
          
  driver: syslog
          
  options:
          
    syslog-address: "tcp://192.168.0.42:123"`



        Regarding your log rotation questio, I'd say the easyest way is to configure the logging driver with the syslog driver, configure it to your local machine (or your syslog server) and then logrotate the files.



        You can find several logrotate articles for Linux (which I assume you're using), for example this one






        share|improve this answer













        It's generating a lot of logs because you're running docker-compose logs, which will get the logs for all containers in your docker compose file.



        What you want is probably:





        • docker logs <name-of-filebeat-container>. The name of the filebeat container can be found doing a docker ps.


        • docker compose logs <name-of-filebeat-service>. The name of the service can be found on your docker-composer.yml file.


        Regarding the JSON outputs, you can query your Docker engine default logging driver with: 



        # docker info | grep 'Logging Driver'
        
Logging Driver: json-file


        If your container have a different Logging Driver you can check with:



        docker inspect -f '{{.HostConfig.LogConfig.Type}}' <name-or-id-of-the-container>


        You can find all log drivers in this link



        To run containers with a different log-driver you can do:




        • With docker run: docker run -it --log-driver <log-driver> alpine ash


        • With docker-compose: 



          `logging:
          
  driver: syslog
          
  options:
          
    syslog-address: "tcp://192.168.0.42:123"`



        Regarding your log rotation questio, I'd say the easyest way is to configure the logging driver with the syslog driver, configure it to your local machine (or your syslog server) and then logrotate the files.



        You can find several logrotate articles for Linux (which I assume you're using), for example this one







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Nov 22 '18 at 10:21









        Alexandre JumaAlexandre Juma

        544214




        544214






























            draft saved

            draft discarded




















































            Thanks for contributing an answer to Stack Overflow!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f52854955%2fhow-to-create-rolling-logs-for-filebeat-within-a-docker-container%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            -

            Popular posts from this blog

            Costa Masnaga

            Image
            .mw-parser-output .avviso .mbox-text-div>div,.mw-parser-output .avviso .mbox-text-full-div>div{font-size:90%}.mw-parser-output .avviso .mbox-image div{width:52px}.mw-parser-output .avviso .mbox-text-full-div .hide-when-compact{display:block} Questa voce o sezione sull'argomento Lombardia non cita le fonti necessarie o quelle presenti sono insufficienti . Puoi migliorare questa voce aggiungendo citazioni da fonti attendibili secondo le linee guida sull'uso delle fonti. Segui i suggerimenti del progetto di riferimento. Costa Masnaga comune Localizzazione Stato   Italia Regione Lombardia Provincia Lecco Amministrazione Sindaco Sabina Panzeri (Al centro il cittadino) dall'08/06/2009 Territorio Coordinate 45°46′N 9°17′E  /  45.766667°N 9.283333°E 45.766667; 9.283333  ( Costa Masnaga ) Coordinate: 45°46′N 9°17′E  /  45.766667°N 9.283333°E 45.766667; 9.283333  ( Costa Masnaga ) Altitudine 318 m s.l.m
            Read more

            Fotorealismo

            Image
            Guerrino Boatto, Venice's St. Barnaba Church and canal Il fotorealismo è un genere di pittura basato sull'uso di una o più fotografie dalle quali l'artista prende le informazioni necessarie da utilizzare poi nel processo della creazione dell'opera, in genere ad olio o ad acrilico, al fine di avere un aspetto finale il più simile possibile alla fotografia. Indice 1 Storia 2 Lista dei fotorealisti 3 Note 4 Voci correlate 5 Altri progetti Storia | Il fotorealismo è un movimento che nasce negli Stati Uniti d'America alla fine degli anni sessanta [1] sulla scia della Pop Art [2] [3] [4] , e insieme condividono il carattere reazionario verso la travolgente ascesa dei media, che alla metà del ventesimo secolo si trasforma in un fenomeno di massa talmente imponente da minacciare il valore dell'immagine nell'arte. [5] [6] Ne consegue così che, colto il gesto d'inizio che fu della Pop Art, i fotorealisti aprono ad un
            Read more

            Create new schema in PostgreSQL using DBeaver

            Image
            0 At the beginning of my current job I had limited access to DB but recently my role is changed to superuser, admin, and owner. My colleague who was the previous DB admin is able to create a schema or change the permissions as there is a permission tab in the properties and he can change permissions by clicking easily. Would you please let me know how I can create schema and change permissions as well? Why his dbeaver looks different from me? He can easily right click on the schema folder on top of all schemas on the left side column and select create new schema while I do not have that, like the following picture I found on the internet. postgresql database-schema dbeaver share | improve this question
            Read more