Grafana Loki
-
Loki is a horizontally-scalable, highly-available, multi-tenant log aggregation system inspired by Prometheus. It is designed to be very cost effective and easy to operate. It does not index the contents of the logs, but rather a set of labels for each log stream.
https://grafana.com/oss/loki/
https://github.com/grafana/lokiInitial functional version located here for comment: https://git.cloudron.io/doodlemania2/loki
wrote on Feb 10, 2023, 1:40 PM last edited by@doodlemania2 Hello, do you have any plans to add authentication to this app?
-
@doodlemania2 Hello, do you have any plans to add authentication to this app?
@TomsFreitas haven't had the need
what's the scenario?
-
@TomsFreitas haven't had the need
what's the scenario?
wrote on Feb 10, 2023, 10:28 PM last edited by TomsFreitas Feb 10, 2023, 10:40 PM@doodlemania2 I have several servers that need to push logs to loki so it must be exposed to the internet and I wanted it to be secure. Protecting it with cloudron auth would make it so that loki could be exposed and not have to worry about someone fetching all my logs using loki's API
-
How do servers send their logs to Loki? With a token? Wouldn't putting basic auth affect the API?
wrote on Feb 11, 2023, 1:16 PM last edited by@girish Well, the most used setup with Loki is using it with promtail. Promtail resides in your agents and it pushes the logs to loki. Grafana then fetches the logs from loki. It's my understanding that both promtail and grafana support basic auth when interacting with loki
-
@girish Well, the most used setup with Loki is using it with promtail. Promtail resides in your agents and it pushes the logs to loki. Grafana then fetches the logs from loki. It's my understanding that both promtail and grafana support basic auth when interacting with loki
@TomsFreitas yeah, i think that's right - I've never done it because it's always just been me pushing to it from a tailscale endpoint but I can see the value there.
@girish - I think the best approach would be to leave it open (but behind SSL) and let Loki handle the auth.
No?
-
@TomsFreitas yeah, i think that's right - I've never done it because it's always just been me pushing to it from a tailscale endpoint but I can see the value there.
@girish - I think the best approach would be to leave it open (but behind SSL) and let Loki handle the auth.
No?
@doodlemania2 agree, but apparently loki doesn't have any auth of it's own - https://grafana.com/docs/loki/latest/operations/authentication/ . I guess this is why @TomsFreitas wants Cloudron to provide the auth.
-
@doodlemania2 agree, but apparently loki doesn't have any auth of it's own - https://grafana.com/docs/loki/latest/operations/authentication/ . I guess this is why @TomsFreitas wants Cloudron to provide the auth.
wrote on Feb 13, 2023, 11:52 AM last edited by@girish Yes, if we could place cloudron in the middle doing authentication it would be incredible
-
@girish Yes, if we could place cloudron in the middle doing authentication it would be incredible
rats - I thought it would. Putting CR auth in front of Loki may be problematic - how would a payload or client that is pushing data to loki know that it's cloudron asking and not loki. if loki has no knowledge of auth, the inverse is problematic too.
-
wrote on May 23, 2023, 7:57 AM last edited by
ok, is this still on a roadmap? I could set up loki and promtail on a seperate docker server, but really would like to have this integrated into cloudron..
-
wrote on Dec 4, 2023, 3:00 PM last edited by
I would love to have some solution for logging aggregation in my cloudron. I see some of the projects here have been deleted. Any plans to add official support for Loki or some alternative?
-
Not sure what the status of https://git.cloudron.io/doodlemania2/loki is . @doodlemania2 any update?
I haven't used Loki myself but is it actually a web app?
-
It's not - it's really just an endpoint. I have used it as is for many moons and is rock solid. That said, it definitely needs an update. One of the challenges I faced is there's a LOT of changes under the covers, so I've stayed with this older version and it serves me well.