Ok so I’ve been having a problem with logging for a while now. I use a centralized logging platform (Seq) to try and aggregate the logs of the containers I run, but most of the log messages come through as errors. This is because the containers would stream their output to stderr, and even though it’s formatted, it comes as one big error message.
Example:
[2025-01-06 18:17:23] INFO Registering with TVA backend, encode Job status: available
That’s all one big error message I receive even though it’s an INFO message. And every container is different. Their error messages are formatted differently, some go to stdout instead of stderr, some actually work.
Is there a piece of software that I can run that will intercept these messages and convert them to GELF?
Thanks
- simple: rsyslog: all local logs to a central syslog file (using the `imfile` module), all syslogs from all servers to a central rsyslog server (over TCP/SSL, example here). Use `lnav` or something similar to consume the logs
- more complex, resource-heavy: Graylog Open as a replacement for the central rsyslog server, set up pipelines/alerts/whatever… Currently considering replacing my Graylog instance with Wazuh but I don’t know yet if it will be able to replace it completely for me
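The conversion the question asks about, sketched as an added example that is not part of the original posts: it takes the severity from the line itself, falls back to the stream only when the line carries no recognisable level, and builds a GELF 1.1 payload. Only the bracketed line format comes from the question; the function name `to_gelf`, the container name, the `_stream` and `_level_source` fields, and the assumption that container timestamps are UTC are hypothetical.

```python
import json
import re
from datetime import datetime, timezone

# Syslog severities, which is what the GELF "level" field carries.
SEVERITY = {"DEBUG": 7, "INFO": 6, "NOTICE": 5, "WARN": 4, "WARNING": 4,
            "ERROR": 3, "ERR": 3, "CRITICAL": 2, "FATAL": 2}

# Format shown in the question: "[YYYY-MM-DD HH:MM:SS] LEVEL message"
BRACKETED = re.compile(
    r"^\[(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})\]\s+"
    r"(?P<level>[A-Za-z]+)\s+(?P<msg>.*)$")

def to_gelf(line, stream, container, received_at):
    """Build a GELF 1.1 dict from one raw container log line.

    stream is "stdout" or "stderr" and is only a fallback for the level.
    received_at is a Unix timestamp used when the line has no timestamp.
    """
    line = line.rstrip("\r\n")
    m = BRACKETED.match(line)
    if m and m.group("level").upper() in SEVERITY:
        level = SEVERITY[m.group("level").upper()]
        # Assumption: the container writes its timestamps in UTC.
        ts = datetime.strptime(m.group("ts"), "%Y-%m-%d %H:%M:%S")
        timestamp = ts.replace(tzinfo=timezone.utc).timestamp()
        message, source = m.group("msg"), "message"
    else:
        # Unrecognised format: keep the whole line, derive level from stream.
        level = 3 if stream == "stderr" else 6
        timestamp, message, source = received_at, line, "stream"
    return {
        "version": "1.1",
        "host": container,
        "short_message": message,
        "timestamp": timestamp,
        "level": level,
        "_stream": stream,          # GELF additional fields start with "_"
        "_level_source": source,    # shows which lines still need a parser
    }

if __name__ == "__main__":
    # Constructed input: the line from the question plus an unformatted one.
    samples = [
        "[2025-01-06 18:17:23] INFO Registering with TVA backend, "
        "encode Job status: available",
        "Traceback (most recent call last):",
    ]
    for text in samples:
        print(json.dumps(to_gelf(text, "stderr", "encoder-1", 1736187500.0)))
```

Filtering on `_level_source` in the log platform shows which containers still fall through to the stream-based guess and need their own pattern.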