Windows Container Log Monitor Tool
Microsoft provides some troubleshooting guidance for Windows Containers. In that guidance there is reference to a LogMonitor.exe tool and a link to its GitHub repo. I could not find the executable for download so I compiled it myself (and stashed it here in the repo). I have also included a link below to a sample Docker image which runs a script which outputs to various sources, all collected and redirect to STDOUT by the LogMonitor.exe utility.
Build
- Cloned the LogMonitor GitHub repo
- Downloaded and installed Visual Studio Community Edition (2019)
- Chose '.NET desktop development' and 'Desktop development with C++' for Workloads (guesses)
- Was not able to compile project - turns out I needed build tools that came with VS 2017
- Under 'Individual Components' --> [X] C++/CLI support for v141 build tools.
- Open the (cloned) project (LogMonitor.sln)
- Changed Build --> Configuration Manager --> Active solution configuration --> Release
- Build LogMonitor:
Alternatively, I was able to compile from the command line as follows:
& 'C:\Program Files (x86)\Microsoft Visual Studio\2017\BuildTools\MSBuild\15.0\Bin\MSBuild.exe' .\LogMonitor.sln /p:platform=x64 /p:configuration=Release
Release Info
C:\Tools\LogMonitor.exe /?
LogMonitor Tool Version 1.1.0.0
Usage: LogMonitor.exe [/?] | [--help] | [[/CONFIG <PATH>][COMMAND [PARAMETERS]]]
/?|--help Shows help information
<PATH> Specifies the path of the Json configuration file. This is
an optional parameter. If not specified, then default Json
configuration file path C:\LogMonitor\LogMonitorConfig.json is used
COMMAND Specifies the name of the executable to be run
PARAMETERS Specifies the parameters to be passed to the COMMAND
This tool monitors Event log, ETW providers and log files and write the log entries
to the console. The configuration of input log sources is specified in a Json file.
file.
Download
- LogMonitor Utility -
Invoke-WebRequest -Uri https://github.com/rleap-m/windows-container-log-monitor/raw/master/bin/LogMonitor.exe -OutFile LogMonitor.exe - Sample Config File -
Invoke-WebRequest -Uri https://github.com/microsoft/windows-container-tools/raw/master/LogMonitor/src/LogMonitor/sample-config-files/IIS/LogMonitorConfig.json -OutFile LogMonitorConfig.json
Usage
Example
A DockerHub repo is available with an image which runs the demo script in this GitHub repo which produces various
log output which is captured by the LogMonitor.exe tool.
https://hub.docker.com/r/rleapm/windows-container-log-monitor
Notice that the docker logs command is capturing four different types of output (because of the magic of LogMonitor.exe) in this order (the order in which the script is producing the output):
- Verbose
- STDOUT
- Log file (simple text log file on disk)
- Event Log Application events
PS C:\temp> $id = docker run --rm -d rleapm/windows-container-log-monitor
PS C:\temp> docker logs -f $idVERBOSE: This is a sample log message.
[stdout] This is a sample log message.
[2020-08-27T22:00:13][3855BD855979] This is a sample log message.
<Source>EventLog</Source><Time>2020-08-27T22:00:13.000Z</Time><LogEntry><Channel>Application</Channel><Level>Information</Level><EventId>1</EventId><Message>This is a sample log message.</Message></LogEntry>
VERBOSE: This is a sample log message.
[stdout] This is a sample log message.
[2020-08-27T22:00:18][3855BD855979] This is a sample log message.
<Source>EventLog</Source><Time>2020-08-27T22:00:18.000Z</Time><LogEntry><Channel>Application</Channel><Level>Information</Level><EventId>1</EventId><Message>This is a sample log message.</Message></LogEntry>
...