Docker

Docker is a tool designed to make it easier to create, deploy, and run applications by using containers. Containers allow a developer to package up an application with all of the parts it needs, such as libraries and other dependencies, and ship it all out as one package.

You can automatically forward Docker container logs to fluentd by using Docker’s built-in fluentd log-driver. Unomaly ships with a default fluentd container that ingests log data into Unomaly, so Docker logs can be ingested into Unomaly through Unomaly’s fluentd component. See the Fluentd integration for an example configuration.

Log-driver configuration

1. Configure the Docker daemon to forward logs to the default fluentd receiver.

The file /etc/docker/daemon.json on the instance running Docker should include the following to enable forwarding:

{
  "log-driver": "fluentd",
  "log-opts": {
    "fluentd-address": "my-unomaly-host:24224",
    "tag": "my-source-host.{{.DaemonName}}.{{.ImageName}}.{{.Name}}.{{.ID}}",
    "fluentd-async-connect": "true"
  }
}

The tag property defines the format of syslog messages that are forwarded to fluentd.

  • my-source-host denotes the server hostname where the Docker daemon is running. Replace it with the hostname of your source system.
  • You may customize the tag to generate syslog messages that meet your needs.

2. Restart Docker to apply the changes. On Debian-based systems, you can use the following command:

sudo service docker restart

Configure system names

The default file /DATA/fluentd/etc/fluent.conf on the Unomaly host names systems in the Unomaly user interface based on the tag. You can change how those system names are created.

For example, if the full source path from Docker looks like this:

my-source-host.docker.nginx-latest.my-container.123456

You may customize the system name by using a record transformer in the fluentd configuration file.

1. To use my-source-host.docker.nginx-latest as the system name, replace:

hostname "${tag_parts[2]}"

With:

hostname "${tag_prefix[2]}"

2. Restart fluentd to apply the changes:

unomaly restart fluentd
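
To preview which system name a placeholder yields before restarting fluentd, the following added example (not part of Unomaly's or fluentd's code) models fluentd's tag_parts, tag_prefix and tag_suffix placeholders in Python. The helper names and the web01.example.com hostname are assumptions; the second sample shows that a field containing dots shifts the indexes, so tag_parts[2] no longer selects the image.

```python
import re

# Placeholders as documented for fluentd's record_transformer:
#   tag_parts[N]  -> N-th dot-separated part of the tag (zero-based)
#   tag_prefix[N] -> parts 0..N joined with "."
#   tag_suffix[N] -> parts N..end joined with "."
PLACEHOLDER = re.compile(r"\$\{(tag_parts|tag_prefix|tag_suffix)\[(\d+)\]\}")

# Field order of the tag template in daemon.json on this page.
TAG_FIELDS = ("host", "daemon", "image", "name", "id")


def expand(template, tag):
    """Expand tag placeholders in a record_transformer value for one tag."""
    parts = tag.split(".")

    def render(match):
        kind, n = match.group(1), int(match.group(2))
        if n >= len(parts):
            # This sketch fails loudly instead of guessing what fluentd emits.
            raise ValueError(f"{kind}[{n}] is out of range for tag {tag!r}")
        if kind == "tag_parts":
            return parts[n]
        if kind == "tag_prefix":
            return ".".join(parts[: n + 1])
        return ".".join(parts[n:])

    return PLACEHOLDER.sub(render, template)


def build_tag(**fields):
    """Join the five fields in the order used by the page's tag template."""
    return ".".join(fields[k] for k in TAG_FIELDS)


def dotted_fields(**fields):
    """Fields containing '.', which shift every later tag_parts index."""
    return [k for k in TAG_FIELDS if "." in fields[k]]


if __name__ == "__main__":
    # Constructed sample values; the first set reproduces the page's example tag.
    plain = dict(host="my-source-host", daemon="docker", image="nginx-latest",
                 name="my-container", id="123456")
    fqdn = dict(plain, host="web01.example.com")  # assumed FQDN hostname
    for f in (plain, fqdn):
        tag = build_tag(**f)
        for tpl in ("${tag_parts[2]}", "${tag_prefix[2]}"):
            print(f"{tag}  {tpl} -> {expand(tpl, tag)}  dotted={dotted_fields(**f)}")
```

If dotted_fields reports anything for your hosts or images, replace the dots in that part of the tag in daemon.json or adjust the index in fluent.conf, otherwise logs from different sources can be grouped under the same system name.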