Using Graylog to log from Nginx in a Docker container.

J
Julian
  • 22 Jan '22
Currently I run Nginx as a reverse proxy in a Docker container.

FROM nginx

ENV DEBIAN_FRONTEND noninteractive

... Details hidden ...

EXPOSE 80
EXPOSE 443

CMD nginx -g 'daemon off;'

We are wanting to use Graylog, and have it for our other containers.  So I
want to now use it for Nginx.  Graylog is like Syslog.

I went to follow this guide:

https://github.com/ronlut/graylog-content-pack-nginx-docker

It recommends we symbolically link the logs to stdout/stderr (which is
already part of the docker container) and it then uses this language (see
the bottom of the the README.md at github):

Run

Now, when your logs are collected by docker from stdout & stderr, you can
run your docker using this command:

docker run --log-driver=gelf --log-opt
gelf-address=udp://<GraylogIP>:12401 <ImageName> <Command>

for example:

docker run --log-driver=gelf --log-opt
gelf-address=udp://<GraylogIP>:12401 busybox echo Hello Graylog

<https://github.com/ronlut/graylog-content-pack-nginx-docker#screenshots>Has
anyone had any experience with this? Or understand this last set of steps?

Thank you

Julian
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20220122/051d0ee5/attachment.htm>
S
Sergey
  • 23 Jan '22
Hi Julian,

hope you're doing well.

On Sat, Jan 22, 2022 at 03:22:40PM -0600, Julian Brown wrote:
> Currently I run Nginx as a reverse proxy in a Docker container.
> 
> FROM nginx
> 
> ENV DEBIAN_FRONTEND noninteractive
> 
> ... Details hidden ...
> 
> EXPOSE 80
> EXPOSE 443
> 
> CMD nginx -g 'daemon off;'
> 
> We are wanting to use Graylog, and have it for our other containers.  So I
> want to now use it for Nginx.  Graylog is like Syslog.
> 
> I went to follow this guide:
> 
> https://github.com/ronlut/graylog-content-pack-nginx-docker
> 
> It recommends we symbolically link the logs to stdout/stderr (which is
> already part of the docker container) and it then uses this language (see
> the bottom of the the README.md at github):
> 
> Run
> 
> Now, when your logs are collected by docker from stdout & stderr, you can
> run your docker using this command:
> 
> docker run --log-driver=gelf --log-opt
> gelf-address=udp://<GraylogIP>:12401 <ImageName> <Command>
> 
> for example:
> 
> docker run --log-driver=gelf --log-opt
> gelf-address=udp://<GraylogIP>:12401 busybox echo Hello Graylog
> 
> <https://github.com/ronlut/graylog-content-pack-nginx-docker#screenshots>Has
> anyone had any experience with this? Or understand this last set of steps?

Since it's not related to nginx indirect, I'd recommend to raise a
question or an issue for the project on GH, i.e.
https://github.com/ronlut/graylog-content-pack-nginx-docker/issues/new/choose

Hope that helps.

--
Sergey A. Osokin
J
Julian
  • 23 Jan '22
OK, thank you

On Sun, Jan 23, 2022 at 9:47 AM Sergey A. Osokin <osa at freebsd.org.ru> wrote:

> Hi Julian,
>
> hope you're doing well.
>
> On Sat, Jan 22, 2022 at 03:22:40PM -0600, Julian Brown wrote:
> > Currently I run Nginx as a reverse proxy in a Docker container.
> >
> > FROM nginx
> >
> > ENV DEBIAN_FRONTEND noninteractive
> >
> > ... Details hidden ...
> >
> > EXPOSE 80
> > EXPOSE 443
> >
> > CMD nginx -g 'daemon off;'
> >
> > We are wanting to use Graylog, and have it for our other containers.  So
> I
> > want to now use it for Nginx.  Graylog is like Syslog.
> >
> > I went to follow this guide:
> >
> > https://github.com/ronlut/graylog-content-pack-nginx-docker
> >
> > It recommends we symbolically link the logs to stdout/stderr (which is
> > already part of the docker container) and it then uses this language (see
> > the bottom of the the README.md at github):
> >
> > Run
> >
> > Now, when your logs are collected by docker from stdout & stderr, you can
> > run your docker using this command:
> >
> > docker run --log-driver=gelf --log-opt
> > gelf-address=udp://<GraylogIP>:12401 <ImageName> <Command>
> >
> > for example:
> >
> > docker run --log-driver=gelf --log-opt
> > gelf-address=udp://<GraylogIP>:12401 busybox echo Hello Graylog
> >
> > <https://github.com/ronlut/graylog-content-pack-nginx-docker#screenshots
> >Has
> > anyone had any experience with this? Or understand this last set of
> steps?
>
> Since it's not related to nginx indirect, I'd recommend to raise a
> question or an issue for the project on GH, i.e.
>
> https://github.com/ronlut/graylog-content-pack-nginx-docker/issues/new/choose
>
> Hope that helps.
>
> --
> Sergey A. Osokin
> _______________________________________________
> nginx mailing list -- nginx at nginx.org
> To unsubscribe send an email to nginx-leave at nginx.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20220123/24455f88/attachment.htm>
  • Page 1 of 1
Reply