Docker Setup
Learn how to configure your Docker containers to work with Loggator’s label-based filtering system.
Label-Based Monitoring
Section titled “Label-Based Monitoring”Loggator uses Docker labels to determine which containers to monitor. This provides:
- Security: Only explicitly labeled containers are accessed
- Flexibility: Add/remove monitoring without reconfiguring Loggator
- Simplicity: One label per container
Adding the Label
Section titled “Adding the Label”Docker Compose
Section titled “Docker Compose”Add the label to your service definition:
services: my-app: image: nginx:latest labels: - "loggator.enable=true" # ... rest of your configDocker Run
Section titled “Docker Run”Use the --label flag:
docker run -d \ --label loggator.enable=true \ --name my-app \ nginx:latestExisting Containers
Section titled “Existing Containers”For running containers, you need to recreate them:
# Stop the containerdocker stop my-app
# Remove the container (data in volumes is preserved)docker rm my-app
# Start with the labeldocker run -d \ --label loggator.enable=true \ --name my-app \ nginx:latestCustom Labels
Section titled “Custom Labels”You can configure Loggator to use a different label:
# docker-compose.yml for Loggatorservices: loggator: environment: DOCKER_LABEL_FILTER: app.monitor=trueThen label your containers accordingly:
services: my-app: labels: - "app.monitor=true"Multi-Environment Setup
Section titled “Multi-Environment Setup”Use environment-specific labels for better control:
Production Containers
Section titled “Production Containers”services: web: labels: - "loggator.enable=true" - "environment=production"Development Containers
Section titled “Development Containers”services: web: labels: - "loggator.enable=true" - "environment=development"Environment-Specific Loggator
Section titled “Environment-Specific Loggator”Run separate Loggator instances:
# Production Loggatorservices: loggator-prod: image: ghcr.io/mbeggiato/loggator:latest environment: DOCKER_LABEL_FILTER: environment=production
# Development Loggator loggator-dev: image: ghcr.io/mbeggiato/loggator:latest ports: - "3001:3000" environment: DOCKER_LABEL_FILTER: environment=developmentComplete Example
Section titled “Complete Example”Here’s a full example with multiple services:
services: # Your application web: image: nginx:latest labels: - "loggator.enable=true" ports: - "80:80"
# Your API api: image: node:20 labels: - "loggator.enable=true" command: node server.js
# Database (not monitored) database: image: postgres:16 # No label - logs won't be collected
# Meilisearch meilisearch: image: getmeili/meilisearch:v1.12 environment: MEILI_MASTER_KEY: ${MEILI_MASTER_KEY} volumes: - ./meilisearch-data:/meili_data networks: - loggator-network
# Loggator loggator: image: ghcr.io/mbeggiato/loggator:latest ports: - "3000:3000" environment: MEILISEARCH_HOST: http://meilisearch:7700 MEILISEARCH_API_KEY: ${MEILI_MASTER_KEY} DOCKER_LABEL_FILTER: loggator.enable=true volumes: - /var/run/docker.sock:/var/run/docker.sock:ro depends_on: - meilisearch networks: - loggator-network labels: - "loggator.enable=true" # Monitor Loggator itself
networks: loggator-network: driver: bridgeLog Streams
Section titled “Log Streams”Docker provides two output streams:
- stdout: Standard output (normal logs)
- stderr: Error output (error logs)
Loggator captures both and tags them appropriately. You can filter by stream in the UI and AI queries.
Application Configuration
Section titled “Application Configuration”Ensure your application logs to stdout/stderr:
Node.js:
console.log("Info message"); // stdoutconsole.error("Error message"); // stderrPython:
print('Info message') # stdoutprint('Error message', file=sys.stderr) # stderrGo:
fmt.Println("Info message") // stdoutfmt.Fprintln(os.Stderr, "Error message") // stderrVerifying Labels
Section titled “Verifying Labels”Check if a container has the correct label:
# Inspect container labelsdocker inspect my-app | grep -A 5 Labels
# Specific label checkdocker inspect my-app --format '{{.Config.Labels}}'
# Filter for Loggator labeldocker inspect my-app | grep loggator.enableDynamic Container Discovery
Section titled “Dynamic Container Discovery”Loggator automatically discovers:
- New containers: Monitoring starts immediately when a labeled container starts
- Stopped containers: Monitoring stops when containers stop
- Recreated containers: Automatically reconnects to logs after restart
No manual configuration needed!
Best Practices
Section titled “Best Practices”1. Label Consistently
Section titled “1. Label Consistently”Use the same label across all environments:
labels: - "loggator.enable=true"2. Don’t Monitor Everything
Section titled “2. Don’t Monitor Everything”Avoid monitoring:
- Databases (high volume, sensitive data)
- Message queues (noisy logs)
- Build containers (temporary)
3. Group Related Services
Section titled “3. Group Related Services”Use additional labels for organization:
labels: - "loggator.enable=true" - "app=myapp" - "tier=backend"4. Document Your Labels
Section titled “4. Document Your Labels”Add comments in your compose files:
services: web: labels: # Enable log collection for Loggator - "loggator.enable=true"5. Test Before Production
Section titled “5. Test Before Production”Verify log collection works:
# Check logs are being collectedcurl http://localhost:3000/api/logs/search?query=test
# View in dashboardopen http://localhost:3000Troubleshooting
Section titled “Troubleshooting”Container not showing up
Section titled “Container not showing up”-
Check label:
Terminal window docker inspect my-app | grep loggator.enable -
Verify container is running:
Terminal window docker ps | grep my-app -
Check Loggator logs:
Terminal window docker logs loggator -
Restart Loggator:
Terminal window docker compose restart loggator
No logs appearing
Section titled “No logs appearing”-
Check if container is producing logs:
Terminal window docker logs my-app -
Verify Meilisearch connection:
Terminal window docker logs loggator | grep -i meilisearch -
Check log indexing:
Terminal window curl http://localhost:7700/indexes/logs/stats \-H "Authorization: Bearer $MEILISEARCH_API_KEY"
Logs delayed
Section titled “Logs delayed”- Loggator batches logs for performance (100 logs or 5 seconds)
- Check Meilisearch indexing performance
- Ensure sufficient resources (CPU/RAM)
Security Considerations
Section titled “Security Considerations”Docker Socket Access
Section titled “Docker Socket Access”Loggator needs read access to the Docker socket:
volumes: - /var/run/docker.sock:/var/run/docker.sock:roThe :ro (read-only) flag is crucial for security.
Label-Based Isolation
Section titled “Label-Based Isolation”Labels provide security by:
- Preventing access to unlabeled containers
- Allowing fine-grained control
- Supporting multi-tenant setups
Sensitive Data
Section titled “Sensitive Data”Be cautious monitoring containers that log:
- Passwords or API keys
- Personal information (PII)
- Financial data
Consider using log redaction or filtering at the application level.
Next Steps
Section titled “Next Steps”- Environment Variables - Configure Loggator behavior
- AI Assistant - Set up AI-powered log analysis
- Container Monitoring - Learn about the dashboard