The Docker Logentries Container is container that will collect per container log data and statistics (from the Stats API available with Docker 1.5 and above) as well as Docker API events and will stream this data in real time to Logentries. The Docker Logentries Container will send the data directly to your Logentries account via your unique Logentries log token.
Additional information about the Docker Logentries container is available on Docker Hub
You can pull the latest version of the Docker Logentries container from the Docker Hub by running:
sudo docker pull logentries/docker-logentries
Alternatively, you can build the image yourself by following the steps below:
Clone the Docker Logentries repository:
git clone https://github.com/nearform/docker-logentries.git
Navigate to the Docker Logentries directory:
Build the Docker Logentries container:
sudo docker build -t docker-logentries .
To start the Docker Logentries container, run the command below:
docker run -v /var/run/docker.sock:/var/run/docker.sock logentries/docker-logentries -t <token>
In the above, you’ll need to replace <token> with the token associated with a destination log in your Logentries account. More information on generating and retrieving log tokens can be found here.
The following parameters are optional:
-j– Used if you log in a JSON format
--add– Allows you to add fixed values to each log message before it is forwarded to Logentries. These values follow a 'name=value' format.
--secure- set true to connect over SSL or false to connect over plain TCP
--no-stats– Disable the forwarding of container metrics.
--privileged– Provide extended privileges to the container. You will need use this option if you are running the Docker Logentries container in an environment that does not allow access to the Docker socket without special privileges (e.g. Google Compute Engine). If you receive an EACCES error, try running the container while passing this parameter.
--matchByName REGEXP– Forward logs only from containers whose name matches the regular expression provided in the REGEXP field.
--matchByImage REGEXP– Forward logs only from containers whose image name matches the regular expression provided in the REGEXP field.
--skipByName REGEXP– Exclude log events from containers whose name matches the regular expression provided in the REGEXP field.
--skipByImage REGEXP– Exclude log events from containers whose image name matches the regular expression provided in the REGEXP field.
With the latest version of the Logentries Docker container you will be able to forward Docker Event Logs straight to your account. This new feature requires no extra configuration, the Event Logs will appear in your log which you set up in the previous step. With Docker Event Logs you can now listen for container events like starting and stopping, which will allow you to get a greater understanding of what is happening in your environment and allow you to set up Alerts to allow you act on such events.
You can see an example of these event logs below.
"id": "777ccc404571f880389fc3f970b2b33ede13c5584818b14f5f579e79f44586eb", "type": "start", "image": "ce60b5a65b6a62aaded30a4aabc1d991883eacaf5353a36f3e1a345c6f5ebd18", "name": "amazing", "host": "localhost:8011/step5/845cadd859604da8f4ead2b054b10f02915e0fdd", "execute": "node /service.js"
You can read more about the Docker Event logs here https://docs.docker.com/reference/api/docker_remote_api_v1.17/#monitor-dockers-events