Collecting docker logs using filebeat

rohitC · March 7, 2017, 2:01pm

Hi,

I want to collect logs(with container metadata like container id, image name, host machine) of applications running in containers deployed on more than one host machines using Mesos-Marathon. After some initial investigation, I have decided to use elastic search, filebeat and Kibana.
Which way is good to go:

Running filebeat inside each container, or
Running filebeat per host, or
any other way?

If we select option 2 above, how to add container metadata with logs? If I make one prospector per container with dynamically populated tags/fields as that container's metadata, how to continuously check for any new containers coming up and add corresponding new prospectors?

ruflin · March 11, 2017, 4:13pm

I would definitively go with option 2. For the meta data: You would need a script that checks the container stats to check for new containers or have each new container write its config file itself (trough a script). We are aware that this is not optimal yet and working on ideas on how we could improve this.

rohitC · March 11, 2017, 4:41pm

Thanks @ruflin for your reply.

system · April 8, 2017, 4:42pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Configure filebeat docker metadata Beats docker , filebeat	1	342	January 1, 2020
Need to gather the host logs , filebeat running as a container Beats docker , filebeat	13	2431	October 20, 2021
Add docker metadata not working even after trying all possible combinations Beats filebeat	9	1193	December 25, 2018
How to collect containerized elasticsearch logs with filebeat Beats docker , filebeat	8	2634	April 12, 2022
Getting logs from elasticsearch that runs in a container Beats elastic-stack-monitoring , filebeat	3	1736	January 13, 2020

Collecting docker logs using filebeat

Related topics