Quickstart with Docker-Compose
This document describes the steps needed to bring up the LOGIQ observability stack using docker-compose for trial and demo use
- 1.Log aggregation, search, reporting, and live tailing
- 2.APM using built-in Prometheus, using external Prometheus
- 3.Data sources - 21 data source connectors
- 5.Incident response - PagerDury, ServiceNow, Slack, Email
- 6.logiqctl CLI connectivity
- 7.Dashboards and visualizations
- 8.Filtering rules and rule packs
- 9.User and group management
- 10.Log flow RBAC
- 11.UI Audit trail
You can spin-up LOGIQ using
docker-compose. Install guide for
docker-composecan be found here - https://docs.docker.com/compose/install/
NOTE: the docker-compose quick-start YAML files are intended for demo and trial use only. If you want to run a production deployment, LOGIQ uses Kubernetes with HELM to deploy the stack. Please contact us at : [email protected]
NOTE: LOGIQ services use approximately 2GB of memory. Please have sufficient memory in your system before proceeding
The first step is to get the
docker-composeYAML file from the URL below.
⬇ Download the YAML at the URL - https://logiqcf.s3.amazonaws.com/releases/docker-compose.quickstart.yml
You are now ready to bring up the LOGIQ stack.
docker-compose -f docker-compose.quickstart.yml pull
docker-compose -f docker-compose.quickstart.yml up -d
NOTE: If you have been running previous versions of LOGIQ docker-compose, you should stop and remove the existing containers by running docker-compose -f docker-compose.quickstart.yml down and remove any older docker volume via docker-compose -f docker-compose.quickstart.yml rm && docker-compose -f docker-compose.quickstart.yml rm -v
If you are done with your evaluation and want to cleanup your environment, please run the following command to stop and delete the LOGIQ stack and free up the used system resources.
docker-compose -f docker-compose.quickstart.yml down -v
Once the LOGIQ server is up and running, the LOGIQ UI can be accessed as described above on port 80 on the server docker-compose. You will be presented with a login screen as shown below.
LOGIQ Login Page
For setting up data ingestion from your endpoints and applications into LOGIQ.AI, please refer to the Integrations section.
The quickstart compose file includes a test data tool that will generate test log data and also has a couple of dashboards that show LOGIQ's APM capabilities.
The test log data can be viewed under Explore page
Click on any Procid and you will be taken to the Flows page with detailed logs and a search view. You can search for any log pattern, searches can also be run using regex expressions along with conditional statements using Advanced search across a time period.
Logiq.ai provides application performance monitoring (APM) which can help end-to-end monitoring for microservices architectures, traces can be sent over 14250 (gRPC port). To view traces, navigate to Trace page under Explore.
select the Service and a list of traces will appear on the right-hand side of the screen. The traces have titles that correspond to the Operator selector on the search form. The traces can be further analyzed by clicking on the Analyse icon which will pull up the entire logs for the corresponding trace-id.
Analyze icon displays all the logs for the respective trace-id in a given time range.
To view the detailed trace, you can select a specific trace instance and check details like the time taken by each service, errors during execution, and logs.
The LOGIQ quickstart file includes Prometheus and Alertmanager services. 2 APM Dashboards to monitor the quickstart environments are included.
NOTE: It may take up to 1 minute for the APM metrics to appear once initial setup. Please use the "Refresh" button at the top right section of the Dashboards to refresh.
LOGIQ service exposes the below ports
- 7514 - Syslog / TCP - TLS
- 514 - Syslog / TCP - Non TLS
- 2514 - RELP/Rsyslog / TCP - TLS
- 20514 - RELP/Rsyslog / TCP - Non TLS
- 9998 - Server administration web cli
- 9999 - REST API
- 8081 - gRPC ( needed for logiqctl CLI )
- 80 - http
- 443 - https
- 24224/24225 - FluentForward protocol port / TLS
- 3000 - Grafana instance (optional), not available with quickstart
- 14250 - gRPC(traces can be sent over gRPC)
The ports used to bind are configurable via the server configuration file. See Server options for more details.