I’m currently using a log saving configuration similar to this one (fluent-bit DaemonSets forwarding to a 1-replica StatefulSet collecting the logs to disk), with ngnix for viewing the logs, and logrotate for preventing the logs from completely filling the 40GB persistent volume that I have set up.
This mostly works great, except that viewing the logs is sort of a pain. The main browser view works sort-of-okay:
The two problems are:
- My logrotate configuration simply looks for files that end in .log and adds a date suffix, which causes nginx to have no idea what MIME type to send, and then triggers a download and open prompt rather than viewing in-browser
- The logs are all JSON structured logs, which is great except that actually reading them raw is… not great.
Ideally, I’d like a web server which can serve the following:
- A nicer directory listing. In particular, it would be cool to not have to translate 4196640 to “4.1MB” in my head. 😁
- The actual log files, supporting range requests for large files so that I don’t need to download 40MB until I actually need it.
- A nice JavaScript log viewer which allows filtering and eliding the structured JSON fields.
I haven’t found something out there yet; I may end up being forced to write one. (I got spoiled by the Stackdriver viewer when I worked on GCP, but I’m trying to live off the land for this cluster rather than caving in to SaaS. I’d also like something smaller than ELK, but I may end up doing that in the end.)
0 thoughts on “Looking for a log viewer”