Loki如何通过Nginx日志数据在Grafana中实现可视化监控？

本文共计704个文字，预计阅读时间需要3分钟。

Loki 收集 Nginx 日志并通过 Grafana 展示，其背景和用途类似 ELK（Elasticsearch、Logstash、Kibana）生态系统。对于服务器数量较少的情况，使用 ELK 可能显得过于复杂。经过一番调研，我尝试了一套替代方案：使用 Loki、Promtail 和 Grafana。Loki 类似于 Elasticsearch，但更加轻量级。

Loki收集Nginx日志并以grafana展示 背景

公司一直用的是ELK来收集Nginx日志的，对于服务器较少的用elk则显得太重了，于是调研了一番，用loki+Promtail+grafana来测试一下。Loki类似elasticsearch，用于存储。Promtail类似fluent，用于收集，grafana类似kibana，用于展示

先放几张图来展示一下成果：

这里是用grafana查询日志

Nginx 配置

首先修改Nginx日志为json格式：

log_format json_analytics escape=json '{' '"msec": "$msec", ' # request unixtime in seconds with a milliseconds resolution '"connection": "$connection", ' # connection serial number '"connection_requests": "$connection_requests", ' # number of requests made in connection '"pid": "$pid", ' # process pid '"request_id": "$request_id", ' # the unique request id '"request_length": "$request_length", ' # request length (including headers and body) '"remote_addr": "$remote_addr", ' # client IP '"remote_user": "$remote_user", ' # client HTTP username '"remote_port": "$remote_port", ' # client port '"time_local": "$time_local", ' '"time_iso8601": "$time_iso8601", ' # local time in the ISO 8601 standard format '"request": "$request", ' # full path no arguments if the request '"request_uri": "$request_uri", ' # full path and arguments if the request '"args": "$args", ' # args '"status": "$status", ' # response status code '"body_bytes_sent": "$body_bytes_sent", ' # the number of body bytes exclude headers sent to a client '"bytes_sent": "$bytes_sent", ' # the number of bytes sent to a client '"dl.miyuru.lk/geoip/dbip/country/dbip.dat.gz -O country.dat wget dl.miyuru.lk/geoip/dbip/city/dbip.dat.gz -O city.dat

nginx.conf增加下面两行后 /usr/local/nginx/sbin/nginx -s reload

geoip_city /usr/local/nginx/html/ip/city.dat; geoip_country /usr/local/nginx/html/ip/country.dat;

现在Nginx的日志是这样的：

{"msec": "1654072604.175", "connection": "92799", "connection_requests": "1", "pid": "4251", "request_id": "47e117ff2287fb32fb8382aff742334b", "request_length": "1105", "remote_addr": "11.125.67.88", "remote_user": "", "remote_port": "18154", "time_local": "01/Jun/2022:16:36:44 +0800", "time_iso8601": "2022-06-01T16:36:44+08:00", "request": "POST /xx/xx.html HTTP/1.1", "request_uri": "/xx/xx.html", "args": "", "status": "200", "body_bytes_sent": "146", "bytes_sent": "308", "172.16.124.225:8080/", "github.com/grafana/loki/releases/download/v2.5.0/loki-linux-amd64.zip unzip loki-linux-amd64.zip mv loki-linux-amd64 loki

loki的配置文件

auth_enabled: false server: localhost:9093

启动loki

nohup ./loki -config.file=loki-local-config.yaml & Promtail 部署

下载软件

wget github.com/grafana/loki/releases/download/v2.5.0/promtail-linux-amd64.zip unzip promtail-linux-amd64.zip mv promtail-linux-amd64 promtail

配置文件

server: 192.168.96.239:3100/loki/api/v1/push scrape_configs: - job_name: nginx pipeline_stages: - replace: expression: '(?:[0-9]{1,3}\.){3}([0-9]{1,3})' replace: '***' static_configs: - targets: - localhost labels: job: nginx_access_log host: appfelstrudel agent: promtail __path__: /usr/local/nginx/logs/json_access.log

启动

nohup ./promtail --config.file=promtail-local-config.yaml & grafana展示

下载安装

wget mirrors.cloud.tencent.com/grafana/yum/rpm/grafana-8.5.3-1.x86_64.rpm yum install -y grafana-8.5.3-1.x86_64.rpm systemctl start grafana-server

grafana添加数据源，选Loki。

输入url：localhost:3100/loki 即可

然后导入 12559 模板即可