Loki is a horizontally-scalable, highly-available, multi-tenant log aggregation system inspired by Prometheus. It is designed to be very cost effective and easy to operate. It does not index the contents of the logs, but rather a set of labels for each log stream.
Compared to other log aggregation systems, Loki:
- does not do full text indexing on logs. By storing compressed, unstructured logs and only indexing metadata, Loki is simpler to operate and cheaper to run.
- indexes and groups log streams using the same labels you’re already using with Prometheus, enabling you to seamlessly switch between metrics and logs using the same labels that you’re already using with Prometheus.
- is an especially good fit for storing Kubernetes Pod logs. Metadata such as Pod labels is automatically scraped and indexed.
- has native support in Grafana (needs Grafana v6.0).
A Loki-based logging stack consists of 3 components:
promtail
is the agent, responsible for gathering logs and sending them to Loki.loki
is the main server, responsible for storing logs and processing queries.- Grafana for querying and displaying the logs.
Loki is like Prometheus, but for logs: we prefer a multidimensional label-based approach to indexing, and want a single-binary, easy to operate system with no dependencies. Loki differs from Prometheus by focusing on logs instead of metrics, and delivering logs via push, instead of pull.
The Installation docs have instructions on how to install Loki via Docker images, Helm charts, Jsonnet, or from source.
You may also be interested in installing Promtail to send logs to Loki.
Once you have Promtail, Loki, and Grafana running, continue with our Getting Started Guide to get up and running with querying logs.
The documentation with a Table of Contents can be found in
docs/
.
Some key documents to read:
- API documentation for alternative ways of getting logs into Loki.
- Operations for important aspects of running Loki.
- Promtail is an agent which can tail your log files and push them to Loki.
- Pipelines for detailed log processing pipeline documentation
- Docker Logging Driver is a docker plugin to send logs directly to Loki from Docker containers.
- LogCLI on how to query your logs without Grafana.
- Loki Canary for monitoring your Loki installation for missing logs.
- Troubleshooting for help around frequent error messages.
- Loki in Grafana for how to set up a Loki datasource in Grafana and query your logs.
If you have any questions or feedback regarding Loki:
- Ask a question on the Loki Slack channel. To invite yourself to the Grafana Slack, visit http://slack.raintank.io/ and join the #loki channel.
- File an issue for bugs, issues and feature suggestions.
- Send an email to lokiproject@googlegroups.com, or use the web interface.
- UI issues should be filed directly in Grafana.
Your feedback is always welcome.
- The original design doc for Loki is a good source for discussion of the motivation and design decisions.
- Callum Styan's March 2019 DevOpsDays Vancouver talk "Grafana Loki: Log Aggregation for Incident Investigations".
- Grafana Labs blog post "How We Designed Loki to Work Easily Both as Microservices and as Monoliths".
- Julien Garcia Gonzalez' March 2019 blog post "Grafana Logging using Loki".
- Tom Wilkie's early-2019 CNCF Paris/FOSDEM talk "Grafana Loki: like Prometheus, but for logs" (slides, video).
- David Kaltschmidt's KubeCon 2018 talk "On the OSS Path to Full Observability with Grafana" (slides, video) on how Loki fits into a cloud-native environment.
- Goutham Veeramachaneni's blog post "Loki: Prometheus-inspired, open source logging for cloud natives" on details of the Loki architecture.
- David Kaltschmidt's blog post "Closer look at Grafana's user interface for Loki" on the ideas that went into the logging user interface.
Refer to CONTRIBUTING.md
Apache License 2.0, see LICENSE.