Our next-gen architecture is built to help you make sense of your ever-growing data Watch a 4-min demo video!

Create an Account Request Demo
Back to All Integrations

FluentD FluentD

Last Updated: Sep. 12, 2022

Coralogix provides seamless integration with FluentD so you can send your logs from anywhere and parse them according to your needs.

Prerequisites

  • FluentD Installed (Official documentation Here)
  • Active Coralogix account

Configuration

We recommend using the generic HTTP output plugin, as it has plenty of adjustability and exposed metrics.
To start sending logs to Coralogix, you will need to add us as an output on your configuration.
This is a generic example where all you need to supply is your cluster URL (please see table below) and account private key (Please note that the key should be inserted without quotation marks or apostrophes).

The example below will collect all log files from the /var/log/ path.
for other collection options have a look at fluentd’s Documentation

<system>
	log_level info
</system>

<source>
	@type tail
	@id tail_var_logs
	@label @CORALOGIX
	path /var/logs/*.log
	pos_file /var/logs/all.pos
	tag all
	read_from_head true
	<parse>
		# Can be other types as mentioned in docs
		# https://docs.fluentd.org/configuration/parse-section
		@type json
	</parse>
</source>

<label @CORALOGIX>
	<filter **>
	@type record_transformer
	@log_level warn
	enable_ruby true
	auto_typecast true
	renew_record true
	<record>
		# In this example we are using record.dig to dynamically set values.
		# Values can also be static or simple variables
		applicationName ${record.dig("kubernetes", "namespace_name")}
		subsystemName ${record.dig("kubernetes", "container_name")}
		computerName ${record.dig("kubernetes", "host")}
		timestamp ${time.strftime('%s%L')} # Optional
		text ${record.to_json}
	</record>
	</filter>

<match **>
	@type http
	@id http_to_coralogix
	endpoint "<your cluster singles url>"
	headers {"private_key":"<your cluster's private key>"}
	retryable_response_codes 503
	error_response_as_unrecoverable false
	<buffer>
		@type memory
		chunk_limit_size 5MB
		compress gzip
		flush_interval 1s
		overflow_action block
		retry_max_times 5
		retry_type periodic
		retry_wait 2
	</buffer>
	<secondary>
		#If any messages fail to send they will be send to STDOUT for debug.
		@type stdout
	</secondary>
</match>
</label>

Parameters and descriptions

Depending on your account’s geolocation, please provide the relevant URL to the configuration above. Please choose the URL that best matches the ending of your Team’s name URL:

ClusterAPI Endpoint
.coralogix.com https://api.coralogix.com/logs/rest/singles
.app.coralogix.ushttps://api.coralogix.us/logs/rest/singles
.app.coralogix.inhttps://api.app.coralogix.in/logs/rest/singles
.app.eu2.coralogix.comhttps://api.eu2.coralogix.com/logs/rest/singles
.app.coralogixsg.comhttps://api.coralogixsg.com/logs/rest/singles

If you have any questions or need additional guidance, our support team is available 24/7 via our in-app chat!

On this page