# ============================================================ # Promtail 配置 - 日志收集代理 # ============================================================ server: http_listen_port: 9080 grpc_listen_port: 0 log_level: info positions: filename: /tmp/positions.yaml clients: - url: http://loki:3100/loki/api/v1/push batchwait: 1s batchsize: 1048576 # 1MB timeout: 10s scrape_configs: # ==================== Docker 容器日志 ==================== - job_name: docker docker_sd_configs: - host: unix:///var/run/docker.sock refresh_interval: 5s filters: - name: name values: ["wm-*"] relabel_configs: - source_labels: ['__meta_docker_container_name'] regex: '/(.*)' target_label: 'container' - source_labels: ['__meta_docker_container_label_com_docker_compose_service'] target_label: 'service' pipeline_stages: - json: expressions: level: level msg: msg time: time - labels: level: service: - timestamp: source: time format: RFC3339Nano fallback_formats: - "2006-01-02T15:04:05.000Z" - output: source: msg # ==================== Nginx 访问日志 ==================== - job_name: nginx-access static_configs: - targets: - localhost labels: job: nginx-access __path__: /var/lib/docker/containers/**/wm-frontend*.log pipeline_stages: - json: expressions: log: log - regex: expression: '^(?P\S+) - (?P\S+) \[(?P[^\]]+)\] "(?P[^"]*)" (?P\d+) (?P\d+) "(?P[^"]*)" "(?P[^"]*)"' source: log - labels: status: - timestamp: source: time_local format: "02/Jan/2006:15:04:05 -0700" # ==================== 系统日志 ==================== - job_name: syslog static_configs: - targets: - localhost labels: job: syslog __path__: /var/log/syslog pipeline_stages: - regex: expression: '^(?P\w+\s+\d+\s+\d+:\d+:\d+)\s+(?P\S+)\s+(?P\S+):\s+(?P.+)$' - labels: host: process: - timestamp: source: timestamp format: "Jan 2 15:04:05" # ==================== Docker 系统日志 ==================== - job_name: docker-system static_configs: - targets: - localhost labels: job: docker __path__: /var/lib/docker/containers/*/*.log pipeline_stages: - json: expressions: stream: stream log: log time: time - labels: stream: - timestamp: source: time format: RFC3339Nano