Developed By: Rudra Prakash Singh, Esther Jang
This guide walks you through the process of setting up a Grafana Server Log Monitoring Dashboard, including the installation and configuration of Grafana, Loki, and Promtail for log aggregation and visualization. It also covers setting up scripts for automating log retrieval and dashboard updates.
Step 1: Install Grafana via CLI
- Install Grafana on your server using the following instructions for Debian-based systems:
-
Follow the installation guide here: Grafana Installation on Debian
-
Once installed, start Grafana and make sure it's accessible via a port (default:
3000). -
After Grafana is running, create an admin account. Once logged in, you'll land on the Grafana homepage.
Step 2: Install Loki
- Install Loki by following the official instructions for Docker:
- Loki Installation via Docker
Step 3: Create a Docker Compose File for Loki
To set up Loki with Grafana, create a docker-compose.yml file:
version: "3" # The version can be removed if you're using a recent Docker Compose version.
services:
grafana:
image: grafana/grafana:latest
ports:
- "3000:3000"
networks:
- loki
volumes:
- grafana-data:/path # [CHANGE THIS LINE] Adding persistence for Grafana data
loki:
image: grafana/loki:latest
ports:
- "3100:3100"
networks:
- loki
volumes:
- ./path # [CHANGE THIS LINE] Local directory for Loki data
user: "10001" # Run Loki as the appropriate user to avoid permission issues
promtail:
image: grafana/promtail:latest
command: "-config.file=/etc/promtail/config.yaml" # [CHANGE THIS LINE]
networks:
- loki
volumes:
- "/var/log:/var/log" # [CHANGE THIS LINE] Mounting host logs
networks:
loki:
volumes:
grafana-data: # Declaring the volume for Grafana
Step 4: Install Promtail
- Install Promtail by following the official instructions:
- Promtail Installation Guide
Step 5: Configure Data Sources (Logs)
To aggregate logs from other servers, we set up a method of transferring logs to the Grafana server. The logs are pulled into the Grafana server, where they are processed and rendered on a Grafana dashboard.
Here’s the updated section of the README with the requested changes marked. The rest remains unchanged.
Step 5: Configure Data Sources (Logs)
5.1: Write a Bash Script to Pull Logs
Here’s an example of a script (transfer_logs.sh) to pull logs from another server:
#!/bin/bash
# Define variables
REMOTE_SERVER="root@server_ip" # [CHANGE THIS LINE] Remote server IP
SSH_KEY_PATH="path" # [CHANGE THIS LINE] Path to SSH key
DEST_DIR="path" # [CHANGE THIS LINE] Destination directory on the Grafana server
# Define paths for logs
DOCKER_LOG="path/to/docker/log" # [CHANGE THIS LINE] Path to Docker log on remote server
NGINX_LOG="path/to/nginx/log" # [CHANGE THIS LINE] Path to NGINX log on remote server
SYSLOG="path/to/syslog" # [CHANGE THIS LINE] Path to syslog on remote server
# Create directories if they don't exist
mkdir -p "$DEST_DIR/docker" "$DEST_DIR/nginx" "$DEST_DIR/syslog"
# Transfer logs
echo "Transferring Docker log..."
ssh -i $SSH_KEY_PATH $REMOTE_SERVER "cat $DOCKER_LOG" > "$DEST_DIR/docker/docker.log"
echo "Transferring NGINX log..."
ssh -i $SSH_KEY_PATH $REMOTE_SERVER "cat $NGINX_LOG" > "$DEST_DIR/nginx/error.log"
echo "Transferring syslog..."
ssh -i $SSH_KEY_PATH $REMOTE_SERVER "cat $SYSLOG" > "$DEST_DIR/syslog/syslog.log"
echo "All logs have been successfully transferred."
5.2: Configure Promtail to Scrape Logs
Next, create a promtail-config.yaml file to let Promtail know where the logs are located:
server:
http_listen_port: 9080
grpc_listen_port: 0
positions:
filename: /tmp/positions.yaml
clients:
- url: http://server_ip:3100/loki/api/v1/push # [CHANGE THIS LINE] Loki's URL
scrape_configs:
- job_name: docker_logs
static_configs:
labels:
job: docker
__path__: /path/to/logs/on/grafana/server/docker/*.log # [CHANGE THIS LINE] Path to Docker logs
- job_name: nginx_logs
static_configs:
labels:
job: nginx
__path__: /path/to/logs/on/grafana/server/nginx/*.log # [CHANGE THIS LINE] Path to NGINX logs
- job_name: syslog_logs
static_configs:
labels:
job: syslog
__path__: /path/to/logs/on/grafana/server/syslog/*.log # [CHANGE THIS LINE] Path to syslog logs
Step 6: Configure Grafana to Use Loki
-
Open Grafana’s homepage and click the three vertical lines in the top-left corner.
-
Navigate to Data Sources, then click Add Data Source.
-
Select Loki as the data source type.
-
Define the URL of your Loki instance, which is typically
http://localhost:3100. -
Click Save & Test. You should see a success message confirming the connection.
Step 7: Explore Data in Grafana
-
Go to the Explore section in Grafana.
-
Use label filters and run queries to see the logs coming from Promtail. The labels in the filters correspond to the
labelsdefined in thepromtail-config.yaml.
Step 8: Create a Dashboard
-
On the left sidebar in Grafana, click Dashboards > New Dashboard.
-
Click Add Panel to create a new panel.
-
Under Data Source, select Loki.
-
Write queries to retrieve logs for display. Use different labels to filter log data as needed.
-
Choose a visualization type (e.g., Logs).
-
Repeat the process to add more visualizations, then adjust the layout and size to suit your needs.
-
Save the dashboard once you are satisfied with the layout.
Step 9: Automate Log Retrieval and Update Dashboard
To make the process of pulling logs and updating the Grafana dashboard more automated, create two Python scripts:
9.1: transfer_server.py
This script triggers the Promtail process to start log scraping when accessed via an HTTP request:
from http.server import BaseHTTPRequestHandler, HTTPServer
import subprocess
COMMAND = "sudo ./promtail-linux-amd64 -config.file=promtail-config.yaml"
class RequestHandler(BaseHTTPRequestHandler):
def do_GET(self):
if self.path == "/run":
try:
subprocess.Popen(COMMAND, shell=True)
self.send_response(200)
self.end_headers()
self.wfile.write(b"Command executed successfully.")
except Exception as e:
self.send_response(500)
self.end_headers()
self.wfile.write(f"Error executing command: {e}".encode())
else:
self.send_response(404)
self.end_headers()
self.wfile.write(b"Not found.")
if __name__ == "__main__":
server_address = ('server_ip', 8081)
httpd = HTTPServer(server_address, RequestHandler)
print("Server running on http://server_ip. Access /run to execute the command.")
httpd.serve_forever()
9.2: server.py
This script pulls the logs by executing the previously created bash script:
from http.server import BaseHTTPRequestHandler, HTTPServer
import subprocess
class ScriptHandler(BaseHTTPRequestHandler):
def do_GET(self):
script_path = "/path/to/transfer_logs.sh" # [CHANGE THIS LINE]
try:
subprocess.run([script_path], check=True)
self.send_response(200)
self.send_header("Content-type", "text/html")
self.end_headers()
self.wfile.write(b"Logs Pulled Successfully.")
except subprocess.CalledProcessError:
self.send_response(500)
self.send_header("Content-type", "text/html")
self.end_headers()
self.wfile.write(b"Failed to pull logs.")
def run(server_class=HTTPServer, handler_class=ScriptHandler, port=8080):
server_address = ('', port)
httpd = server_class(server_address, handler_class)
print(f"Starting http server on port {port}")
httpd.serve_forever()
if __name__ == "__main__":
run()
Run both Python scripts in the background using nohup:
nohup python3 transfer_server.py > transfer_server.log 2>&1 &
nohup python3 server.py > server.log 2>&1 &
Step 10: Add Buttons to Grafana Dashboard
-
In Grafana, go to Settings > Links.
-
Add the links to the above Python scripts with the appropriate port (
8080for log pulling and8081for triggering Promtail). -
This will enable users to pull logs instantly as they wish. Make sure promtail activation button is run first when opening dashboard, and then pulling logs button after.