tl;dr:
Loki-docker-log-driver -> Loki : ✅ works.
Loki-docker-log-driver -> JSON Decode -> Loki : How?
For my local development, I run several services which log in GELF Format. To get a better overview and time-ordered log stream with filter functionality, I use the loki docker log driver.
The JSON log messages (GELF style) are successfully sent to loki, but I want to get them further processed so that labels are extracted. How can I achieve that?
If you have already sent the logs in JSON format to Loki, all you need to do is to select the desired log stream and pipe it to the "json" parser, like in the following example:
{filename="/var/log/nginx/access.log"} | json
Then, you can use the labels as you wish, like this:
{filename="/var/log/nginx/access.log"} | json | remote_addr="147.741.001.047"