Here is the current architecture:
- The application is hosted on a Kubernetes cluster.
- The application's logs (not those of Kubernetes) are emitted to a volume mount that the pod is currently running on.
- For example, there are 2 different nodes. Microservice A is emitting logs to node1 when it's running on node1. Similarly, vice-versa.
- Now, I want to keep those logs at one place.
- ELK stack caught my attention.
- I googled a lot but am having a tough time finding any useful information.
What I want?
A curated guide that:
- gives me a sample Java app that emits logs
- and helps to centralize it as shown in scenario above.
I prefer manual installations over the command line rather than Docker containers, but anything is fine for me.
Use slf4j and logback on the app side. Locally you can use a sysout logger.
For prod, use de.siegmar.logbackgelf.GelfTcpTlsAppender, and de.siegmar.logbackgelf.GelfEncoder and send your logs to Graylog.
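
A `logback.xml` along the lines of the answer above, as an added example that is not part of the original answer or of the logback-gelf project. The host name, the port 12201, the `app_name` value and the environment variables `GRAYLOG_HOST`, `GRAYLOG_PORT`, `LOG_APPENDER` and `NODE_NAME` are assumptions made for illustration.

```xml
<!-- Added example configuration. GRAYLOG_HOST, GRAYLOG_PORT, LOG_APPENDER and
     NODE_NAME are assumed environment variables, not names from the post. -->
<configuration>

  <!-- Local development: plain console ("sysout") output -->
  <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
    <encoder>
      <pattern>%d{HH:mm:ss.SSS} %-5level [%thread] %logger{36} - %msg%n</pattern>
    </encoder>
  </appender>

  <!-- Production: GELF over TCP with TLS, so log lines are encrypted in
       transit between the pod and Graylog. Keep certificate validation on;
       the Graylog certificate must chain to a CA in the JVM trust store. -->
  <appender name="GELF" class="de.siegmar.logbackgelf.GelfTcpTlsAppender">
    <!-- Placeholder host; 12201 is assumed as the port of the GELF TCP input -->
    <graylogHost>${GRAYLOG_HOST:-graylog.example.internal}</graylogHost>
    <graylogPort>${GRAYLOG_PORT:-12201}</graylogPort>
    <encoder class="de.siegmar.logbackgelf.GelfEncoder">
      <!-- Ship MDC entries (request id, user id, ...) as GELF fields -->
      <includeMdcData>true</includeMdcData>
      <!-- Constructed sample value identifying the emitting service -->
      <staticField>app_name:microservice-a</staticField>
      <!-- Records which node the pod ran on; NODE_NAME can be injected
           from spec.nodeName through the Kubernetes downward API -->
      <staticField>k8s_node:${NODE_NAME:-unknown}</staticField>
    </encoder>
  </appender>

  <!-- Console by default; set LOG_APPENDER=GELF in the production pod spec -->
  <root level="INFO">
    <appender-ref ref="${LOG_APPENDER:-STDOUT}"/>
  </root>
</configuration>
```

With this in place the application code only calls the slf4j API, and the node a log line came from is searchable in Graylog as the `k8s_node` field instead of being implied by which volume the file landed on.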