[Feature request] Journal forwarding from remote instances #23
Comments
|
What is the use case of this ? |
|
Let's assume we want to create some centralised log collection from multiple docker-enabled hosts. For convenience we have to use journald logging driver on every docker host (or docker logs won't work locally). So, now we have multiple options: to send journald logs to some journald-enabled host, to pass journald to local syslog and send them via syslog proto or to install (build on every host as no distributions provide corresponding package atm) netlogd on every machine. For me the best option is to pass all the logs as is to centralised journald and, from there to pass them on for analysis via standard syslog (netlogd is extremely helpful here). So if it's possible pass all collected logs from all the hosts via syslog/netlogd, it would be great! |
|
why not directly store and eliminate the centralised journald. In that way you don;t need a centralized |
|
It's mostly about protocols. In my case, all the analytics are bound to syslog... So it's either netlogd on every machine (additional build-time deps, build is slightly distro-dependent) or local forwarding docker journald driver->journald->syslog->syslog-remote. Centralized storage with journald seems a little bit more convenient for me-almost no setup on each node, journald-remote is in every distro's repo, http transport. There is no doubt, there are other options to achieve what I'm looking for, but it would be easier imo with a nice little tool like netlogd. Thanks! |
It would be great to have such a feature, when netlogd forwards /var/log/journal/remote messages.
The text was updated successfully, but these errors were encountered: