Ok so I’ve been having a problem with logging for a while now. I use a centralized logging platform (Seq) to try and aggregate the logs of the containers I run but most of the log messages come through as errors. This is because the containers would stream their output to stderr and even though it’s formatted it comes as one big error message.

Example:

[2025-01-06 18:17:23] INFO Registering with TVA backend, encode Job status: available

That’s all one big error message I receive even though it’s an INFO message. And every container is different. Their error message is formatted differently, some goes to stdout instead of stderr, some actually work.

Is there a piece of software that I can run that will intercept these messages and convert them to GELF?

Thanks

  • rumba@lemmy.zipEnglish
    11·
    3 days ago

    I’m not sure about your exact ask, I’d probably head towards setting up logstash and elasticsearch. It might be overkill for your needs though.

    • Eezyville@sh.itjust.worksOPEnglish
      0·
      3 days ago

      I’m not clear in the post I guess so I’ll try to be more clear here.

      • I’m using Seq for my centralized logging.
      • The logs I get from most of my containers are not in GELF format. I cannot change that unless I change how logging works in all the programs I use. So I’ll need to edit every source code and compile or ask each project to update their logging and output to GELF.
      • They are all shown as errors or info. It depends on the container because some send their logging info to stderr and some to stdout.
      • I’m looking for something that can intercept those logs from my other containers, format them to GELF, and send the formatted logs to Seq.
      • rumba@lemmy.zipEnglish
        1·
        3 days ago

        No I get what you’re asking for I’m just mentioning that sometimes it’s easier to use an application that can read multiple formats than it is to try to finagle everything back into one format.