Skip to content
BleemeoBleemeo

Logs Overview

Starter
Professional

Glouton embeds a log processing pipeline based on the OpenTelemetry Collector. It collects logs from multiple sources, processes them with operators and filters, and exports them to the Bleemeo Cloud Platform where they can be browsed and analyzed.

Glouton supports the following log sources:

Source Description Details
Container logs Automatic collection from Docker and Kubernetes containers Container Logs
Service logs Automatic detection and collection from known services (Nginx, PostgreSQL, Redis, etc.) Service Logs
System logs System logs via systemd-journald, syslog, or Auditd System Logs
File logs Read log files using glob patterns File Logs
OTLP receivers Receive logs via OTLP gRPC (port 4317) or HTTP (port 4318) OTLP Receivers

Log collection is enabled by default (log.opentelemetry.enable: true), but automatic discovery of log sources requires additional settings.

The simplest way is to use all_enable which enables all log sources at once (containers, services, systemd-journald, syslog, and Auditd).

For more control, you can enable each source individually. The example below enables container and service logs along with systemd-journald system logs:

Terminal window
sudo tee /etc/glouton/conf.d/99-logs.conf > /dev/null << 'EOF'
log.opentelemetry.auto_discovery.container_and_service_enable: true
log.opentelemetry.auto_discovery.journald_enable: true
EOF

Glouton automatically detects configuration changes — no restart is needed. It will start collecting logs from running services (Nginx, PostgreSQL, Redis, etc.) along with systemd-journald system logs.

When running Glouton as a Docker container, pass the settings as environment variables:

Terminal window
docker run -d --restart=unless-stopped --name glouton \
-v /var/run/docker.sock:/var/run/docker.sock:ro \
-v /:/hostroot:ro \
-e GLOUTON_LOG_OPENTELEMETRY_AUTO_DISCOVERY_CONTAINER_AND_SERVICE_ENABLE=true \
-e GLOUTON_LOG_OPENTELEMETRY_AUTO_DISCOVERY_JOURNALD_ENABLE=true \
bleemeo/bleemeo-agent

Or, using a configuration file mounted into the container:

Terminal window
sudo mkdir -p /etc/glouton/conf.d
sudo tee /etc/glouton/conf.d/99-logs.conf > /dev/null << 'EOF'
log.opentelemetry.auto_discovery.container_and_service_enable: true
log.opentelemetry.auto_discovery.journald_enable: true
EOF
docker run -d --restart=unless-stopped --name glouton \
-v /var/run/docker.sock:/var/run/docker.sock:ro \
-v /:/hostroot:ro \
-v /etc/glouton/conf.d/:/etc/glouton/conf.d/:ro \
bleemeo/bleemeo-agent

Once enabled, logs from containers, discovered services, and the system journal are automatically gathered and sent to the Bleemeo Cloud Platform.