Сервис мониторинга систем логирования системных событий
1. Установка Grafana Loki
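# Install the tools this procedure relies on (run as root; sudo is not present yet).
apt install -y sudo curl unzip

# Dedicated system account with no home directory and no login shell.
sudo useradd -r -M -s /bin/false loki

cd /usr/local/bin

# NOTE(review): v2.0.0 is the release this guide pins; check the project's
# releases page for a currently maintained version before deploying.
# Plain ASCII quotes are required: the typographic «…» marks would become part
# of the URL. -f makes curl fail on an HTTP error instead of saving the error
# page under the archive name.
sudo curl -fLO "https://github.com/grafana/loki/releases/download/v2.0.0/loki-linux-amd64.zip"

# Print the archive digest and compare it with the checksum published for this
# release before unpacking; do not continue if the values differ.
sha256sum loki-linux-amd64.zip

sudo unzip loki-linux-amd64.zip
sudo rm loki-linux-amd64.zip

# Keep the binary root-owned and read/execute-only for everyone else, so the
# loki account cannot replace the program it runs as.
sudo chown root:root loki-linux-amd64
sudo chmod 0755 loki-linux-amd64

# The configuration directory does not exist yet; create it before editing.
sudo mkdir -p /etc/loki
sudo nano /etc/loki/config-loki.yml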
————————————
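# Loki single-process configuration (contents of /etc/loki/config-loki.yml).
# Indentation and the ASCII "-" list marker are significant; the flattened
# listing with "—" in place of "-" does not parse.

# Authentication is off: every client that can reach the HTTP port can push
# and query logs. Restrict the port to the hosts that need it (firewall), or
# place an authenticating reverse proxy in front of it.
auth_enabled: false

server:
  # No http_listen_address is set here, so the listener is not restricted to
  # a single interface by this file.
  http_listen_port: 3100

ingester:
  lifecycler:
    address: 127.0.0.1
    ring:
      kvstore:
        store: inmemory
      replication_factor: 1
    final_sleep: 0s
  chunk_idle_period: 5m
  chunk_retain_period: 30s
  max_transfer_retries: 0

schema_config:
  configs:
    - from: 2018-04-15
      store: boltdb
      object_store: filesystem
      schema: v11
      index:
        prefix: index_
        period: 168h

# NOTE(review): /tmp is world-writable and is typically cleared on reboot, so
# another local account could create /tmp/loki first and stored logs may not
# survive a restart. A dedicated directory owned by the loki account is the
# safer choice; it has to exist before the service starts.
storage_config:
  boltdb:
    directory: /tmp/loki/index
  filesystem:
    directory: /tmp/loki/chunks

limits_config:
  enforce_metric_name: false
  reject_old_samples: true
  reject_old_samples_max_age: 168h

chunk_store_config:
  max_look_back_period: 0s

table_manager:
  retention_deletes_enabled: false
  retention_period: 0s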
————————————
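# Root owns the configuration and the loki group may only read it, so the
# service account cannot rewrite its own settings.
sudo chown root:loki /etc/loki/config-loki.yml
sudo chmod 0640 /etc/loki/config-loki.yml

# Create the systemd unit for the service.
sudo nano /etc/systemd/system/loki.service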
————————————
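# Contents of /etc/systemd/system/loki.service.
[Unit]
Description=Loki service
After=network.target

[Service]
Type=simple
# Run as the unprivileged loki account, never as root.
User=loki
ExecStart=/usr/local/bin/loki-linux-amd64 -config.file /etc/loki/config-loki.yml
# Bring the service back after a crash so log ingestion does not stop silently.
Restart=on-failure
# Reduce what a compromised process can do: no privilege gain through
# setuid binaries, /usr, /boot and /etc mounted read-only, home directories hidden.
NoNewPrivileges=true
ProtectSystem=full
ProtectHome=true
# PrivateTmp= is deliberately not set: the Loki configuration in this guide
# keeps its index and chunks under /tmp/loki, which a private /tmp would hide
# and discard when the service stops.

[Install]
WantedBy=multi-user.target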
————————————
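# Make systemd pick up the new unit file.
sudo systemctl daemon-reload

# The option is two ASCII hyphens; "—now" (em dash) is read as a unit name.
sudo systemctl enable --now loki
systemctl status loki

# Follow the system log for Loki messages (Ctrl+C to stop).
# /var/log/messages is not present on every distribution; "journalctl -u loki -f"
# shows the unit's own output.
sudo tail -f /var/log/messages | grep loki

# Confirm the HTTP listener is up and see which address it is bound to.
ss -nltup | grep 3100

# Fetch the metrics endpoint; replace SERVER with this host's name or address.
curl -fsS http://SERVER:3100/metrics | head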
2. Установка Promtail
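# Dedicated system account with no home directory and no login shell.
sudo useradd -r -M -s /bin/false promtail

cd /usr/local/bin

# -f makes curl fail on an HTTP error instead of saving the error page under
# the archive name.
sudo curl -fLO "https://github.com/grafana/loki/releases/download/v2.0.0/promtail-linux-amd64.zip"

# Print the archive digest and compare it with the checksum published for this
# release before unpacking; do not continue if the values differ.
sha256sum promtail-linux-amd64.zip

sudo unzip promtail-linux-amd64.zip
sudo rm promtail-linux-amd64.zip

# Keep the binary root-owned and read/execute-only for everyone else, so the
# promtail account cannot replace the program it runs as. Plain file name:
# the typographic «…» marks would be taken as part of the name.
sudo chown root:root promtail-linux-amd64
sudo chmod 0755 promtail-linux-amd64

# The configuration directory does not exist yet; create it before editing.
sudo mkdir -p /etc/promtail
sudo nano /etc/promtail/config-promtail.yml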
——————————
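# Promtail configuration (contents of /etc/promtail/config-promtail.yml).
# Indentation, the ASCII "-" list marker and ASCII quotes are significant; the
# flattened listing with "—" and ‘…’ does not parse.

server:
  # Promtail's own HTTP endpoint; nothing in this file adds authentication to
  # it, so expose the port only to hosts that need it.
  http_listen_port: 9080
  grpc_listen_port: 0

# NOTE(review): /tmp is world-writable and is typically cleared on reboot; if
# the positions file is lost, promtail no longer knows how far each log was
# read. A directory owned by the promtail account is the safer location.
positions:
  filename: /tmp/positions.yaml

clients:
  # Logs are pushed to the Loki instance on the same host over plain HTTP.
  - url: http://127.0.0.1:3100/loki/api/v1/push
    # Credentials for the push endpoint, if something in front of Loki
    # requires them. Use real values, not these samples, and keep this file
    # readable only by root and the promtail account.
    # basic_auth:
    #   username: user
    #   password: pass

scrape_configs:
  # Plain-text log files matched by the glob in __path__.
  # NOTE(review): the promtail account must be able to read these files;
  # confirm their ownership and mode on the target system.
  - job_name: system
    static_configs:
      - targets:
          - localhost
        labels:
          job: varlogs
          __path__: /var/log/*log

  # systemd journal entries no older than max_age.
  - job_name: journal
    journal:
      max_age: 12h
      labels:
        job: systemd-journal
    relabel_configs:
      # Copy the journal's unit field into a "unit" label.
      - source_labels: ['__journal__systemd_unit']
        target_label: 'unit'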
——————————
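# Use the absolute path: the working directory is still /usr/local/bin, so a
# bare file name would not refer to the file that was just edited.
# Root owns the configuration and the promtail group may only read it, so the
# service account cannot rewrite its own settings.
sudo chown root:promtail /etc/promtail/config-promtail.yml
sudo chmod 0640 /etc/promtail/config-promtail.yml

# Create the systemd unit for the service.
sudo nano /etc/systemd/system/promtail.service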
——————————
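# Contents of /etc/systemd/system/promtail.service.
[Unit]
Description=Promtail service
After=network.target

[Service]
Type=simple
# Run as the unprivileged promtail account, never as root.
User=promtail
ExecStart=/usr/local/bin/promtail-linux-amd64 -config.file /etc/promtail/config-promtail.yml
# Bring the agent back after a crash so log shipping does not stop silently.
Restart=on-failure
# Reduce what a compromised process can do: no privilege gain through
# setuid binaries, /usr, /boot and /etc mounted read-only, home directories hidden.
NoNewPrivileges=true
ProtectSystem=full
ProtectHome=true
# PrivateTmp= is deliberately not set: the Promtail configuration in this
# guide keeps its positions file in /tmp, which a private /tmp would discard
# when the service stops.

[Install]
WantedBy=multi-user.target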
——————————
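# Make systemd pick up the new unit file.
sudo systemctl daemon-reload

# The option is two ASCII hyphens; "—now" (em dash) is read as a unit name.
sudo systemctl enable --now promtail
systemctl status promtail

# Confirm the HTTP listener is up and see which address it is bound to.
ss -nltup | grep 9080

# Membership of systemd-journal lets the promtail account read the journal;
# the restart is needed because group changes apply only to new processes.
sudo usermod -aG systemd-journal promtail
sudo systemctl restart promtail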
3. Открыть доступ к портам 9080 и 3100
4. Добавить источники в Grafana (graph.enu.kz)