Log data is a valuable tool when used properly. It can help you identify issues and optimize performance–but first you have to collect it. A DevOps environment built around Docker containers poses a unique challenge for log analysis because it is very fluid and can change dramatically in seconds.
Graylog introduced a solution capable of keeping up with the dynamic Docker container ecosystem to make sure you capture the log data you need:
I live just north of Houston. Houston is focused primarily on the oil industry and doesn’t have much of a “Silicon Valley” vibe—Texas has Austin for that—so I don’t get to talk with many tech companies in my own backyard. Graylog is one of the few exceptions. Graylog has an open source log management platform and it recently expanded the capabilities to include collecting and analyzing log data from Docker containers.
Lennart Koopmann, Graylog’s CTO, founded the company in 2009. While working on a project adding more and more servers, he had reached out to Splunk for a quote for a log management solution. After recovering from the sticker shock, he started devoting his free time to developing Graylog as an open source project to address his logging needs more cost-effectively.
Lennart explained to me that Graylog is essentially an open source rival to Splunk. It’s an open source, on-premise solution that aggregates and correlates log data to enable customers to extract valuable information from their datacenters. It’s open source, so it’s free—but Graylog also offers support contracts for customers that want some additional peace of mind.
That’s all fine and dandy for traditional servers—or even virtual servers—running in a datacenter. However, the advent of Docker and the rise of containers has completely changed the game. The Docker container environment is significantly more fluid as containers are constantly created and destroyed. The old method of monitoring logs from specific containers or images—and trying to keep track of the current inventory and state of all containers and images—is simply too tedious. It’s too much to try and keep track of and virtually impossible to manage using any sort of manual process.
The Graylog logging driver for Docker allows organizations to automatically collect and manage log data even though Docker containers are very dynamic and the associated log data is not persistent or stored. Graylog promises to enable customers to extract valuable intelligence from the Docker environment to pinpoint problems faster, deliver applications more efficiently, and minimize downtime.
“Docker has made building and deploying applications so much easier, but accessing logs generated within containers and their applications has been a huge blind spot for DevOps and IT Ops teams, until now,” said Michael Sklar, CEO of Graylog. “Native Graylog integration with Docker now makes application container log management easy and affordable. Now, organizations can leverage log data to ensure the performance, availability, and security of their Docker infrastructures.”
Check out the full Graylog story on ContainerJournal: Monitor Docker container log data with Graylog.