Loki Multi-Cluster Querier: Query Logs Across Clusters
Loki's multi-cluster querier lets you query logs from multiple Loki instances as if they were a single, unified log stream.
Loki Articles
49 articles
Loki Deduplication: Deduplicate Exact Log Entries
Loki's deduplication doesn't actually remove duplicate log lines; it collapses them into a single entry to save storage.
Loki Distributed Mode: Scale Each Component Independently
The most surprising thing about Loki's distributed mode is that you're not just scaling Loki, you're scaling its independent components to meet your spe.
Loki Docker Driver: Ship Container Logs Automatically
Loki can ingest logs directly from Docker containers without needing a separate agent like Promtail. Let's see Loki's Docker driver in action
Loki High Availability: Ring-Based Consistent Hashing
Loki's ring is a sophisticated, distributed hash table that underpins its high availability and scalability by ensuring data is evenly distributed acros.
Loki systemd Logs: Scrape journald with Promtail
Promtail is failing to scrape logs from systemd journald, resulting in missing logs in Loki. The core issue is that Promtail, when configured to scrape .
Loki Kubernetes Logs: Auto-Discover Pod Log Streams
Loki's auto-discovery for Kubernetes pod logs isn't just about finding logs; it's about Loki actively becoming part of your Kubernetes control plane to .
Fix Loki Too Many Streams: Reduce Label Cardinality
The Loki ingester component is rejecting write requests from promtail because the combination of labels on a log line exceeds the configured maximum num.
Loki Line Filters: Fast Log Grep with LogQL
Loki's line filters are the unsung heroes of fast log searching, letting you grep through massive log volumes with surprising speed.
Loki Log Alerts: Route On-Call Notifications from Logs
Loki alerts are a powerful way to get notified about events happening in your system, but routing those alerts to the right people at the right time can.
Loki Log Forwarding: Ship Logs with Vector and Fluent Bit
Vector and Fluent Bit are both popular choices for shipping logs to Loki, but they approach the task with different philosophies and offer distinct adva.
Loki LogQL Optimization: Write Fast Log Queries
LogQL queries can feel like black magic, but optimizing them is more about understanding how Loki processes data and then steering it in the right direc.
Loki Volume Dashboard: Visualize Log Rates in Grafana
Loki's volume dashboard in Grafana is surprisingly absent from the standard Grafana installation, leaving many to assume it's not a core feature when in.
Loki Max Lookback: Configure Query Time Range Limits
Loki's maxlookbackwindow configuration setting doesn't actually limit how far back your queries can go; it dictates the maximum amount of time Loki will.
Loki Memcached Caching: Speed Up Repeated Log Queries
Loki Memcached Caching: Speed Up Repeated Log Queries — Memcached is a distributed memory object caching system. Loki uses Memcached to store query resu...
Loki Multi-Tenancy: Isolate Teams with Tenant IDs
Loki's "multi-tenancy" isn't about isolating tenants in the traditional sense of separate instances; it's about a single Loki instance serving data for .
Loki Pattern Parser: Extract Fields from JSON and logfmt
The Loki Pattern Parser, often seen in the context of log aggregation, can seem like magic when it automatically pulls structured data from unstructured.
Loki Pipeline Stages: Parse and Transform Log Lines
Loki's parse and transform stages are where the real magic happens, turning raw, unstructured log lines into queryable data.
Loki Promtail: Scrape Kubernetes Pod Logs Correctly
Promtail's main job is to find logs in Kubernetes and send them to Loki. Here's a pod that's not sending logs to Loki, and how to fix it
Loki Query Acceleration: Bloom Filter Index Setup
Loki's Bloom filter index can dramatically speed up queries by letting Loki know before it even looks at object storage whether a given chunk might cont.
Fix Loki 429 Rate Limit: Increase Ingestion Throughput
The Loki ingestion rate limit 429 Too Many Requests error means that Loki's ingestion API is dropping your logs because your agents are sending data fas.
Loki Regex Extraction: Parse Labels from Log Lines
Loki's regex expression allows you to extract arbitrary labels from your log lines, going beyond the basic log stream labels Loki uses for indexing.
Loki Ruler: Create Alerting Rules from Log Queries
Loki Ruler lets you turn your log patterns into actionable alerts, but the real magic is that your alerts become a first-class log source themselves.
Loki Single Binary vs Distributed: Choose the Right Mode
The most surprising truth about Loki's deployment modes is that the "distributed" mode, while offering higher availability and scalability, often introd.
Loki Trace Correlation: Link Logs to Distributed Traces
You can link Loki logs to distributed traces, but it’s not about Loki generating traces. Instead, Loki consumes trace IDs from your applications and use.
Loki Split Queries: Speed Up Long Time Range Searches
Loki's query engine splits long time range searches into smaller chunks to avoid overwhelming the system, but this can sometimes lead to slower-than-exp.
Loki Storage Backends: Configure S3 and GCS
Loki can store its index and chunks on object storage like S3 or GCS, but it doesn't actually use S3 or GCS directly for its primary operations.
Loki Replication: Configure Stream Lag and Replication
Loki replication isn't just about having copies of your logs; it's about ensuring those copies are fresh enough to be useful when you need them most.
Loki Stream Selectors: Optimize Label-Based Queries
Loki's query engine doesn't actually scan your logs; it uses an index to jump directly to the chunks containing the log lines you're interested in.
Loki Structured Metadata: Attach Extra Context to Logs
Loki's structured metadata is the secret sauce that turns a sea of log lines into a searchable, actionable dataset, and it's way more powerful than just.
Loki Syslog Parsing: Ingest RFC5424 Log Format
Loki's RFC5424 parser is a bit of a black box until you realize it's not trying to be a full syslog daemon, but rather a specialized tool for extracting.
Loki Table Manager: Handle Schema Migrations
Loki's Table Manager doesn't actually "handle" schema migrations; it enforces them by refusing to start if the schema version in your object store doesn.
Loki Tail Logs: Follow Live Log Streams in Real Time
Loki's "tail" command is a surprisingly powerful way to debug distributed systems by letting you see log output as it's generated, without needing to wa.
Loki topk and sort: Aggregate and Rank Log Data
Loki's topk and sort expressions are your go-to tools for wrangling massive streams of logs, letting you zoom in on the most frequent errors or the slow.
Loki TSDB Index: Ship and Store Time-Series Indexes
The Loki TSDB index is designed to be highly efficient at ingesting and querying time-series data, but its core strength also introduces a nuanced under.
Loki unpack and logfmt: Extract Nested Log Fields
Loki's unpack and logfmt extractors can pull nested fields from JSON or logfmt-encoded log lines, but they're often used incorrectly, leading to missed .
Loki Upgrade: Migrate Schema Versions Without Data Loss
Loki's schema version determines how your logs are stored and indexed, and migrating to a newer version can unlock performance improvements and new feat.
Loki Windows Events: Collect Windows Logs with Promtail
Promtail, the agent for Loki, can indeed slurp up Windows Event Logs, but getting it to do so reliably without dropping crucial information is trickier .
Loki WAL: Write-Ahead Log for Durable Log Ingestion
Loki's Write-Ahead Log WAL is what makes durable log ingestion possible, and the most surprising thing about it is that it's not primarily about speed, .
Loki absent_over_time: Alert When Logs Stop Arriving
Loki stops receiving logs when the agent responsible for sending them crashes, misconfigures itself, or loses network connectivity to Loki.
Loki + Alloy: Collect Logs via OpenTelemetry
Alloy doesn't send logs to Loki; it ingests logs from various sources, processes them, and then exports them to destinations like Loki.
Loki Authentication: Secure Access via Proxy Gateway
Loki's authentication mechanisms are not directly enforced by Loki itself but rather by the gateway or proxy sitting in front of it.
Loki Bloom Filters: Accelerate Log Queries with Index
Bloom filters are Loki's secret weapon for making your log queries blaze, but they're not an index in the traditional sense.
Loki Bytes Metrics: Track Log Volume by Service
Loki doesn't actually store metrics about log volume; it exposes metrics that other systems can use to track log volume.
Loki Canary: Verify Log Delivery Completeness
Loki's "canary" isn't about detecting failures; it's about confirming that everything is working, which is a much harder problem.
Loki Chunk Encoding: Snappy vs Gzip Compression
Snappy compression is often the default for Loki chunks, but Gzip can offer significantly better compression ratios at the cost of CPU.
Loki Chunk Store: Use DynamoDB and Cassandra Backends
The Loki chunk store is the heart of Loki's long-term storage, and it’s designed to be flexible, allowing you to plug in different backend storage syste.
Loki Compactor: Configure Log Retention and Deletion
Loki’s compactor is what actually enforces your retention policies, and it does it by deleting data that’s older than your configured retention period.
Loki Cost Reduction: Cut Storage and Query Costs
Loki Cost Reduction: Cut Storage and Query Costs — practical guide covering loki setup, configuration, and troubleshooting with real-world examples.