mobrien118
Dabbler
- Joined
- Jun 22, 2020
- Messages
- 25
Hello,
Pre-warning - this is a WIP that eventually could be a howto if I figure it out. I'm asking for community support to solve the problem and have already done quite a bit of research. I'll post my current challenges as sub-posts and update the main post as I move along.
I'm having an issue with a router crashing and, due to not logging to persistent storage, it has been difficult to research the issue. I have experience using syslog-ng along with LogAnalyzer on Linux in the past for aggregating disparate logs for rudimentary research capabilities, but don't really want to build a VM just for that right now.
So, I thought "I'm enjoying TrueNAS Scale and have found it useful - let's see if TrueCharts has a solution!"
I went looking and found that Loki is a logging server that could be a solution. It then integrates into Grafana, which can provide some aggregation information that may be helpful. I don't know, though, as I haven't used either yet, but it sounds like a reasonable proposition.
I installed Loki and then discovered that it can only directly accept a newer log format (RFC5424) than my router outputs (RFC3164). I discovered in this blog that syslog-ng can forward logs received in RFC3164 format to an RFC5424 based listener - bingo!
Now I have installed 3 TrueCharts containers - Loki (+Promtail), Grafana and syslog-ng. All good - now just need to integrate them.
This is where I am now... I'm posting current challenges below.
Pre-warning - this is a WIP that eventually could be a howto if I figure it out. I'm asking for community support to solve the problem and have already done quite a bit of research. I'll post my current challenges as sub-posts and update the main post as I move along.
I'm having an issue with a router crashing and, due to not logging to persistent storage, it has been difficult to research the issue. I have experience using syslog-ng along with LogAnalyzer on Linux in the past for aggregating disparate logs for rudimentary research capabilities, but don't really want to build a VM just for that right now.
So, I thought "I'm enjoying TrueNAS Scale and have found it useful - let's see if TrueCharts has a solution!"
I went looking and found that Loki is a logging server that could be a solution. It then integrates into Grafana, which can provide some aggregation information that may be helpful. I don't know, though, as I haven't used either yet, but it sounds like a reasonable proposition.
I installed Loki and then discovered that it can only directly accept a newer log format (RFC5424) than my router outputs (RFC3164). I discovered in this blog that syslog-ng can forward logs received in RFC3164 format to an RFC5424 based listener - bingo!
Now I have installed 3 TrueCharts containers - Loki (+Promtail), Grafana and syslog-ng. All good - now just need to integrate them.
This is where I am now... I'm posting current challenges below.
Last edited: