Loki in production, restrict access

Hello, :wave:

I’m looking at your tool named Loki.

It seems a very powerful and a simple tool. I realy like the fact that only metadata of the logs are indexed, not like in an ELK stack in which everything is indexed, which then generate a lot of disk usage, and complexity (shard, replicas, cluster, …).

Regarding, Loki I managed to deploy it in a K8s cluster for tests purposes. It was pretty easy to deploy with a Grafana UI too.

However, I’d like to know where are stored the logs in order to deploy Loki in a prod environnent ? Thus I can make backups of logs or redirect them on an other server.

An other question is : how is it possible to restrict the access based on the K8s namespace or someting else ? I heard that Loki is a multi-tenant tool.

Thanks in advance :smiley: