How to add originating docker host name to fluentd log output
228 views
Skip to first unread message
Traiano Welcome
Jun 7, 2018, 11:35:51 PM6/7/18
to flu...@googlegroups.com
Hi
I've set up fluentd logging from docker to a fluentd aggregator, which then sends the log to elasticsearch. Looking at the resulting logs in Kibana, I can see the docker log entry, but I can't see the originating host of the container, which makes it difficult to troubleshoot in a hurry on a large cluster.
How would I configure fluentd to add the docker host address and name to the docker logs sent to fluentd-server?
My current log output looks like this:
{
"_index": "fluentd-20180607",
"_type": "access_log",
"_id": "SDKSLDFFNFSF",
"_version": 1,
"_score": null,
"_source": {
"source": "stdout",
"log": "2018-06-07 10:09:35,693 marathon_lb: adding virtual host for app with id /prometheus/nodex",
"container_id": "dc6b9dff667d77250f9597eda750a06d771f5e34139774a23efb884835db0923",
"container_name": "/mesos-86625275-9f89-4f6a-9561-064c746687ce-S4.f50690d0-7b7b-427b-b40f-f9b8d26f990a",
"@timestamp": "2018-06-07T10:09:35.000000000+00:00",
"@log_name": "docker.dc6b9dff667d"
},
"fields": {
"@timestamp": [
1528366175000
]
},
"sort": [
1528366175000
]
}
"_index": "fluentd-20180607",
"_type": "access_log",
"_id": "SDKSLDFFNFSF",
"_version": 1,
"_score": null,
"_source": {
"source": "stdout",
"log": "2018-06-07 10:09:35,693 marathon_lb: adding virtual host for app with id /prometheus/nodex",
"container_id": "dc6b9dff667d77250f9597eda750a06d771f5e34139774a23efb884835db0923",
"container_name": "/mesos-86625275-9f89-4f6a-9561-064c746687ce-S4.f50690d0-7b7b-427b-b40f-f9b8d26f990a",
"@timestamp": "2018-06-07T10:09:35.000000000+00:00",
"@log_name": "docker.dc6b9dff667d"
},
"fields": {
"@timestamp": [
1528366175000
]
},
"sort": [
1528366175000
]
}
My fluentd source configuration block looks like this:
<source>
@type forward
tag docker.**
port {{ fluentd_collector_docker_log_port }}
bind {{ fluentd_collector_bind_address }}
@label @mainstream
</source>
@type forward
tag docker.**
port {{ fluentd_collector_docker_log_port }}
bind {{ fluentd_collector_bind_address }}
@label @mainstream
</source>
Thanks in advance for any help!
Traiano
Mr. Fiber
Jun 8, 2018, 2:42:23 AM6/8/18
to Fluentd Google Group
--
You received this message because you are subscribed to the Google Groups "Fluentd Google Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to fluentd+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Traiano Welcome
Jun 10, 2018, 10:22:21 AM6/10/18
to flu...@googlegroups.com
On Fri, Jun 8, 2018 at 2:42 PM, Mr. Fiber <repea...@gmail.com> wrote:
Thanks, Masahiro,that worked a treat!
Reply all
Reply to author
Forward
0 new messages