Quickstart with Docker-Compose
This document describes the steps needed to bring up the LOGIQ observability stack using docker-compose for trial and demo use
Please read and agree with the EULA before proceeding.

  1. 1.
    Log aggregation, search, reporting, and live tailing
  2. 2.
    APM using built-in Prometheus, using external Prometheus
  3. 3.
    Data sources - 21 data source connectors
  4. 4.
  5. 5.
    Incident response - PagerDury, ServiceNow, Slack, Email
  6. 6.
    logiqctl CLI connectivity
  7. 7.
    Dashboards and visualizations
  8. 8.
    Filtering rules and rule packs
  9. 9.
    User and group management
  10. 10.
    Log flow RBAC
  11. 11.
    UI Audit trail

You can spin-up LOGIQ using docker-compose. Install guide for docker-compose can be found here - https://docs.docker.com/compose/install/
NOTE: the docker-compose quick-start YAML files are intended for demo and trial use only. If you want to run a production deployment, LOGIQ uses Kubernetes with HELM to deploy the stack. Please contact us at : s a l e s @ l o g i q . a i

NOTE: LOGIQ services use approximately 2GB of memory. Please have sufficient memory in your system before proceeding
The first step is to get the docker-compose YAML file from the URL below.

You are now ready to bring up the LOGIQ stack.

docker-compose -f docker-compose.quickstart.yml pull

docker-compose -f docker-compose.quickstart.yml up -d
NOTE: If you have been running previous versions of LOGIQ docker-compose, you should stop and remove the existing containers by running docker-compose -f docker-compose.quickstart.yml down and remove any older docker volume via docker-compose -f docker-compose.quickstart.yml rm && docker-compose -f docker-compose.quickstart.yml rm -v

If you are done with your evaluation and want to cleanup your environment, please run the following command to stop and delete the LOGIQ stack and free up the used system resources.
docker-compose -f docker-compose.quickstart.yml down -v

Once the LOGIQ server is up and running, the LOGIQ UI can be accessed as described above on port 80 on the server docker-compose. You will be presented with a login screen as shown below.
Use [email protected] / flash-password to login

For setting up data ingestion from your endpoints and applications into LOGIQ.AI, please refer to the Integrations section.
The quickstart compose file includes a test data tool that will generate test log data and also has a couple of dashboards that show LOGIQ's APM capabilities.
The test log data can be viewed under Explore page
Click on any Procid and you will be taken to the Flows page with detailed logs and a search view. You can search for any log pattern, searches can also be run using regex expressions along with conditional statements using Advanced search across a time period.

Logiq.ai provides application performance monitoring (APM) which can help end-to-end monitoring for microservices architectures, traces can be sent over 14250 (gRPC port). To view traces, navigate to Trace page under Explore.
select the Service and a list of traces will appear on the right-hand side of the screen. The traces have titles that correspond to the Operator selector on the search form. The traces can be further analyzed by clicking on the Analyse icon which will pull up the entire logs for the corresponding trace-id.
Analyze icon displays all the logs for the respective trace-id in a given time range.
To view the detailed trace, you can select a specific trace instance and check details like the time taken by each service, errors during execution, and logs.

The LOGIQ quickstart file includes Prometheus and Alertmanager services. 2 APM Dashboards to monitor the quickstart environments are included.
NOTE: It may take up to 1 minute for the APM metrics to appear once initial setup. Please use the "Refresh" button at the top right section of the Dashboards to refresh.

LOGIQ service exposes the below ports
  • 7514 - Syslog / TCP - TLS
  • 514 - Syslog / TCP - Non TLS
  • 2514 - RELP/Rsyslog / TCP - TLS
  • 20514 - RELP/Rsyslog / TCP - Non TLS
  • 9998 - Server administration web cli
  • 9999 - REST API
  • 8081 - gRPC ( needed for logiqctl CLI )
  • 80 - http
  • 443 - https
  • 24224/24225 - FluentForward protocol port / TLS
  • 3000 - Grafana instance (optional), not available with quickstart
  • 14250 - gRPC(traces can be sent over gRPC)
The ports used to bind are configurable via the server configuration file. See Server options for more details.
Export as PDF
Copy link
On this page
Quickstart features
Install Docker compose
Running LOGIQ
Download LOGIQ compose file
Download container images
Bring up the stack
Delete the stack
Test using LOGIQ UI
Ingesting data
Distributed Tracing
Prometheus monitoring and alerting
Firewall ports and URLs