7.01 Loki Overview - MartinWong06/grafana GitHub Wiki

images/Chapter_7/7.1_001_Loki_overview.png

What is Loki?

Loki is a horizontally-scalable, highly-available, multi-tenant log aggregation system inspired by Prometheus. It is designed to be very cost-effective and easy to operate, as it does not index the contents of the logs. Instead, it uses labels to organize the log streams and allows users to perform queries against these labels to retrieve log data.

What is Promtail?

Promtail is a component of the Loki log aggregation system that is responsible for collecting log data from various sources and forwarding it to Loki for storage and querying.

  • Collects logs from various sources, such as log files, systemd journal, or syslog
  • Uses regex-based parsing rules to extract structured data from the log lines
  • Supports various enrichment features, such as adding metadata or labels to log streams
  • Compresses and batches log data to reduce network traffic
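
The following added example is not part of the original wiki and is not Loki or Promtail code. It is a simplified Python model of the two ideas above: a regex parsing rule that turns log lines into labelled streams, and a query that selects streams by label before scanning any line content. The sample log lines, label names and function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample lines in sshd/cron syslog style (not taken from the page).
SAMPLE_LINES = [
    "Jan 10 12:00:01 web1 sshd[811]: Failed password for root from 203.0.113.7 port 4222 ssh2",
    "Jan 10 12:00:05 web1 sshd[811]: Accepted password for alice from 198.51.100.4 port 5111 ssh2",
    "Jan 10 12:00:09 web1 sshd[812]: Failed password for bob from 203.0.113.7 port 4301 ssh2",
    "Jan 10 12:00:12 web1 cron[90]: (root) CMD (run-parts /etc/cron.hourly)",
]

# Regex parsing rules: named groups become extracted fields.
RULE = re.compile(r"^\w+ +\d+ [\d:]+ \S+ (?P<app>\w+)\[\d+\]: (?P<msg>.*)$")
SSHD = re.compile(r"^(?P<outcome>Failed|Accepted) password for (?P<user>\S+) from (?P<ip>\S+)")

def labels_for(line, static):
    """Label set for one line: static labels plus low-cardinality extracted fields."""
    labels = dict(static)
    m = RULE.match(line)
    if m:
        labels["app"] = m["app"]
        s = SSHD.match(m["msg"])
        if s:
            # outcome has two possible values, so it is safe as a label.
            # user and ip are unbounded: each distinct value would create a
            # new stream, so they stay in the line text and are found by scanning.
            labels["outcome"] = s["outcome"].lower()
    return frozenset(labels.items())

def ingest(lines, static):
    """Group lines into streams keyed by label set; only the labels are indexed."""
    streams = defaultdict(list)
    for line in lines:
        streams[labels_for(line, static)].append(line)
    return streams

def query(streams, selector, contains=""):
    """Select streams whose labels match, then scan only their lines for a substring."""
    want = set(selector.items())
    return [line for labels, lines in streams.items() if want <= labels
            for line in lines if contains in line]

STREAMS = ingest(SAMPLE_LINES, {"job": "varlogs", "host": "web1"})

if __name__ == "__main__":
    for hit in query(STREAMS, {"app": "sshd", "outcome": "failed"}, contains="203.0.113.7"):
        print(hit)
```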

How does Promtail work with Loki?

Once Promtail collects the log data, it forwards it to Loki using the remote_write API. Loki then stores the logs in a horizontally scalable, distributed storage backend.

How is Loki used in Grafana?

Users can query and visualize the data using Grafana or other tools.