Promtail with Cloud Grafana Loki and winston JS log fields not detected
I have setup promtail (docker image) reading my .log files. Those logs are sent to Grafana Loki cloud.
I receive those logs succesfully but fields are not detected. Exemple of a log: {"env":"development","file":"myFile","level":"info","message":"myMessage","service":"myApp"}
Here it is what I can see in Loki:
As you can see, log is fully ingested but I do only have 2 fields (the labels) and the fields in my JSON log. I don't know how to setup auto detection for fields located in the log.
Here it is my scrape_configs:
scrape_configs:
- job_name: system
static_configs:
- targets:
- localhost
labels:
job: varlogs
__path__: /var/log/sms-meeting/*.log
This is my winston logger config:
const logger = winston.createLogger({
level: "info",
defaultMeta: { service: "myApp", env: process.env.NODE_ENV },
transports: [
new winston.transports.File({ filename: "logs/error.log", level: "error" }),
new winston.transports.File({ filename: "logs/combined.log" }),
],
});
As a best practice, you shouldn't setup auto detection of json fields during your log ingestion. You want to ensure you primarily use static labels, sparingly use dynamic labels, and never use unbounded labels. Refer to the official Loki Label Best Practices for further information on each point.
You should instead leverage LogQL parsers to extract your json fields and make them available at query time. See the documentation for LogQL parser expressions.
To give you an example from the public Play instance of Grafana:
JSON Logs with no LogQL Parser (Open Demo)
The only fields available are the ones applied during ingestion as indexed labels.
JSON Logs WITH a LogQL json Parser (Open Demo)
As you can see, all of the json fields are now available as fields within Grafana, and can be used in the remainder of your query as if they were part of the index.
It's very important that you are mindful of your cardinality when choosing which labels to send with your logs during ingestion. In saying that, if there is something you really must extract from your log line during ingestion and apply as a label, you should refer to the label pipeline stage in your scrape config.
- Node.js recursive calls with q framework for multiple GET requests
- How to Decode and Verify OCSP Response in TypeScript with pkijs for Certificate Validation
- Firebase and Node.js application results in the requested URL was not found on this server for the firebase serve command
- Can I determine if a string is a MongoDB ObjectID?
- Husky add command is deprecated?
- Solidity compiler error loading specific function
- error could not determine Node.js install directory
- How can I sort an array?
- Make a link from Electron open in browser
- Prisma query engine not found on mac M1
- response.clearCookie() followed by response.cookie() leads to 2 same-name cookies
- Cannot read properties of undefined (reading 'statusCode') Nodejs using cheerio
- WebSocket connection to wss failed in production only(front end and back end on different domains)
- Puppeteer cant listen all request from paribu.com
- Disable deprecation in javascript console
- messaging.sendMulticast is not a function
- Node.js fs.readdir recursive directory search
- How to specify local registry in yarn?
- Handle Cors from lambda to cloudfront or s3
- Where can i see in amplify app the console log
- generate *.story.ts automatially when generating Angular component by cli
- Node.js native addons: where is node_api.h located?
- Errors building supergraph with Docker, Node.js, and Apollo's rover
- Postman POST call works Angular doesn't
- How to change console.log() output in VSCode?
- nodejs server create file name 4000, when server started
- Uncaught TypeError: PouchDB is not a constructor
- The difference between "require(x)" and "import x"
- Uncaught Error: Invariant Violation: Element type is invalid: expected a string (for built-in components) or a class/function but got: object
- "npm run dev" Command Doesn't Work - Giving "missing script: dev" error