On Sat, Mar 06, 2021 at 01:12:30PM +0000, Stuart Henderson wrote:
> On 2021/03/05 14:29, Landry Breuil wrote:
> > On Fri, Mar 05, 2021 at 02:20:58PM +0100, Landry Breuil wrote:
> > > Hi,
> > >
> > >
> > > here's an update to loki 2.1.0, cf
> > > https://github.com/grafana/loki/releases/ for the various relnotes since
> > > the 1.4.1 we're having now. Totally untested on OpenBSD, but im using it
> > > on debian .. so might as well update the port.
> >
> > Even better with non-ether diff.
>
> OK.
>
> While you're there, can you add daemon_logger="daemon.info" to loki.rc please?
Hah, nice idea !
> (Not for promtail though, it could end up in a nasty loop..)
yeah, that would quickly lead to a log exhaustion i think..
> Pity promtail's syslog-over-TCP ingester (which uses influxdata/go-syslog)
> only does RFC5424 and doesn't work with messages from OpenBSD syslogd though..
>
> level=warn ts=2021-03-06T12:39:18.055119653Z caller=syslogtarget.go:183 msg="error parsing syslog stream" err="expecting a version value in the range 1-999 [col 7]"
yeah it's a bit sad, the syslog sink was discussed in
https://github.com/grafana/loki/issues/935 upstream and
https://github.com/grafana/loki/issues/935#issuecomment-554960778
clearly states that 'Ingest BSD syslog (RFC3164) / ingest over UDP' isnt
supported.
In my usecase on debian with nginx (which only logs to syslog over UDP)
i resorted to use rsyslog as a forwarder, listening to nginx logs
(already formatted as json) and forwarding them to promtail using omfwd
module, cf
https://grafana.com/docs/loki/latest/clients/promtail/scraping/#rsyslog-output-configuration
that quickly allows to do nifty things such as
https://grafana.com/grafana/dashboards/12559
Landry
No comments:
Post a Comment