“Why does the ‘docker logs’ command fail?“, is one of our frequently asked questions. The answer is simple and mentioned in the Docker documentation: “The docker logs command is not available for drivers other than json-file and journald.”
Centralized log collection has become a necessity for many organizations. Much of the data we need to run our operations and secure our environments comes from the logs generated by our devices and applications. Centralizing these logs creates a large repository of data that we can query to enable various types of analysis. The most common types are conditional analysis and trend analysis. They both have their place, but trend analysis is perhaps the more often underutilized source of information.
Production logs can help ensure application security, reveal business insights and find and understand errors, crashes, and exceptions. But as useful as logs are, they’re difficult to manage and hard to keep track of. Making matters worse is that as log data volume grows, so does the difficult task of maintaining and managing them. It’s for this reason that developers, DevOps engineers, and CTOs turn to log management tools.
Central storage is vitally important in log management. Just as storing and processing logs into lumber is done in one place, a sawmill, a central repository makes it cheaper and more efficient to process event logs in one location. Moving between multiple locations to process logs can decrease performance. To continue the analogy, once boards are cut at a sawmill, a tool such as a wood jointer smoothes out the rough edges of the boards and readies them for use in making beautiful things.
We are happy to inform our users that a new Docker logging plugin is available on the Docker Store! Using this plugin, users can easily ship container logs directly to Logz.io, and enjoy the following benefits.
Today we are releasing Graylog v2.4.5 to fix a few bugs. We have also fixed an Elasticsearch credentials issue found by Defence Logic Limited - thanks for finding this and responsibly disclosing it.
Splunk helps IT operations (ITOps) teams simultaneously reduce their mean time to resolution (MTTR) and drive collaboration. To better understand Splunk, let’s take a closer look at the software platform, how it works and its benefits.
Let me preface this article with a quick customer story. I was recently talking with the director of operations of a G2000 company and he asked in a nice, but pointed way: “All I want is a SaaS software solution to manage my applications. Why does the architecture of the software matter?”. At Sumo Logic, we couldn’t agree and disagree more.
We’ve all been there — you’re on-call, fast asleep at 3 AM when suddenly, in comes the alerts–in overdrive. Your system is notifying you of some sort of abnormal behavior, but with all the alerts and data coming through, its difficult to figure out what your system is trying to tell you. Is there potential malicious behavior? Did someone write faulty code? Is it an important issue or can it wait? Is it nothing at all?
Logs contain some of the most valuable data available to developers, DevOps practitioners, Site Reliability Engineers (SREs) and security teams, particularly when troubleshooting an incident. It’s not always easy to extract and use, though. One common challenge is that many log entries are blobs of unstructured text, making it difficult to extract the relevant information when you need it.
