Grafana loki monolithic installation how to collect other vm logs

Grafana Loki
1

My cluster log and system log are collected and displayed by grafana gui. However, the system log of the other virtual machine is not collected. Can you give me information on how I can do it?

Promtail.yml

server:
http_listen_port: 9080
grpc_listen_port: 0

clients:

positions:
#filename: /tmp/positions.yaml
filename: /run/promtail/positions.yaml

target_config:
sync_period: 10s
scrape_configs:

  • job_name: kubernetes-pods
    pipeline_stages:
    - cri: {}
    kubernetes_sd_configs:
    - role: pod
    relabel_configs:
    - source_labels:
    - __meta_kubernetes_pod_controller_name
    regex: ([0-9a-z-.]+?)(-[0-9a-f]{8,10})?
    action: replace
    target_label: __tmp_controller_name
    - source_labels:
    - __meta_kubernetes_pod_label_app_kubernetes_io_name
    - __meta_kubernetes_pod_label_app
    - __tmp_controller_name
    - __meta_kubernetes_pod_name
    regex: ^;([^;]+)(;.)?$
    action: replace
    target_label: app
    - source_labels:
    - __meta_kubernetes_pod_label_app_kubernetes_io_instance
    - __meta_kubernetes_pod_label_instance
    regex: ^;([^;]+)(;.)?$
    action: replace
    target_label: instance
    - source_labels:
    - __meta_kubernetes_pod_label_app_kubernetes_io_component
    - __meta_kubernetes_pod_label_component
    regex: ^;([^;]+)(;.)?$
    action: replace
    target_label: component
    - action: replace
    source_labels:
    - __meta_kubernetes_pod_node_name
    target_label: node_name
    - action: replace
    source_labels:
    - __meta_kubernetes_namespace
    target_label: namespace
    - action: replace
    replacement: $1
    separator: /
    source_labels:
    - namespace
    - app
    target_label: job
    - action: replace
    source_labels:
    - __meta_kubernetes_pod_name
    target_label: pod
    - action: replace
    source_labels:
    - __meta_kubernetes_pod_container_name
    target_label: container
    - action: replace
    replacement: /var/log/pods/$1/.log
    separator: /
    source_labels:
    - __meta_kubernetes_pod_uid
    - __meta_kubernetes_pod_container_name
    target_label: path
    - action: replace
    regex: true/(.)
    replacement: /var/log/pods/    $1/*.log
    separator: /
    source_labels:
    - __meta_kubernetes_pod_annotationpresent_kubernetes_io_config_hash
    - __meta_kubernetes_pod_annotation_kubernetes_io_config_hash
    - __meta_kubernetes_pod_container_name
    target_label: path
    - action: drop
    regex: ^$
    source_labels:
    - service

    - job_name: syslog 
  syslog: 
    listen_address: 0.0.0.0:1514 
    labels: 
      job: syslog 
  relabel_configs: 
    - source_labels: [__syslog_message_hostname] 
      target_label: host 
    - source_labels: [__syslog_message_hostname] 
      target_label: hostname 
    - source_labels: [__syslog_message_severity] 
      target_label: level 
    - source_labels: [__syslog_message_app_name] 
      target_label: application 
    - source_labels: [__syslog_message_facility] 
      target_label: facility 
    - source_labels: [__syslog_connection_hostname] 
      target_label: connection_hostname

  • job_name: varlogs_gz
    decompression:
    enabled: true
    initial_delay: 10s
    format: gz
    static_configs:

    • targets:

      • localhost
        labels:
        job: node/varlogs_gz
        path: /var/log/**.gz
        node_name: ‘onap-grafana-loki’

    • job_name: syslog1
      syslog:
      listen_address: 10.252.252.78:1514
      listen_protocol: tcp
      idle_timeout: 60s
      label_structured_data: yes
      labels:
      job: node/syslog1
      relabel_configs:

      • source_labels: [‘__syslog_message_hostname’]
        target_label: ‘localhost’

    • job_name: syslog2
      syslog:
      listen_address: 192.168.141.195:1514
      listen_protocol: tcp
      idle_timeout: 60s
      label_structured_data: yes
      labels:
      job: node/syslog2
      relabel_configs:

      • source_labels: [‘__syslog_message_hostname’]
        target_label: ‘localhost’

extraVolumes:

  • name: node-logs
    hostPath:
    path: /var/log

extraVolumeMounts:

  • name: node-logs
    mountPath: /var/log
    readOnly: true

Set fsGroup to allow syslog file reading

podSecurityContext:
fsGroup: 4

Allow environment variables usage

extraArgs:

  • -config.expand-env=true

Scrape config to read syslog file from node

ls -1 /var/log/{,/}{[._]log,{mail,news}.{err,info,warn}}

var/log all files => path: /var/log/{,*/}

config:
snippets:
extraScrapeConfigs: |
# Add an additional scrape config for syslog
- job_name: node-all
static_configs:
- targets:
- localhost
labels:
job: node/node-all
path: /var/log/syslog
node_name: ‘onap-grafana-loki’

  # Add an additional scrape config for syslog
  - job_name: 10.252.252.78
    static_configs:
    - targets:
      - localhost
      labels:
        job: node/onap_ping_int
        __path__: /var/log/syslog
        node_name: 'onap-ping'  

  # Add an additional scrape config for syslog
  - job_name: 192.168.141.195
    static_configs:
    - targets:
      - localhost
      labels:
        job: node/onap_ping
        __path__: /var/log/syslog
        node_name: 'onap-ping'