I’m very new to this (and not just Loki/Grafana, the topic in general) and I’ve managed through trial and error to build a Grafana instance fed by Loki with Fluentd aggregating the logs. I’m very much flying by the seat of my pants.
Right now, I’m working specifically with our SonicWall as a POC. SonicWall does not have a very standardized logging method, so I currently have it set up in Fluentd with a regex that has indexes set within the regex (just 3 at the moment). When I run the query in Explore, I see that those indexes appear. However, when I try to create a dashboard and look at the fields available, none of my indexes show up and the dashboard says either “unable to graph data” or “no data points”. I’m currently trying to make a heat map of severity levels or message IDs.
I’ve unfortunately hit a wall, as I don’t really understand how Loki works at a deep enough level to troubleshoot this. It’s only one item on my list as well.
If anyone could lead a poor newb through this, he would be very appreciative.