This folder demonstrates how you can use es2loki to transfer logs from Elasticsearch to Loki.
The included docker-compose.yml populates Elasticsearch with some "old" logs that need to be transferred, and Loki with some "new" logs that already reside there and that es2loki must not interfere with.
- Elasticsearch
- Kibana
- filebeat (imports "old" logs to Elasticsearch)
- Grafana (login: admin/admin)
- Loki
- Promtail (imports "new" logs to Loki)
- PostgreSQL (needed for es2loki)
- es2loki
To run the demo, use:
docker compose up
Once you run it, all the components will spin up, and after 180 seconds es2loki will transfer logs from Elasticsearch to Loki. You can validate that by opening Grafana Explore and issuing the following query for December 3rd, 2022:
{job="logs"}
example.py is where the magic happens. Elasticsearch sorting and filtering are specified there, as well as the mapping of documents to Loki labels.
You may also take a look at example-packetbeat.py to understand how to tweak the transfer even more.
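The sketch below is an added illustration of the three decisions named above (sort order, filter, label mapping). It is not es2loki's code and not the contents of example.py. The document fields, the cutoff date, the `filename` label and all function names are assumptions; only the `job="logs"` label comes from the query shown earlier.

```python
from datetime import datetime

# Constructed sample hits, shaped like filebeat documents (assumed fields).
SAMPLE_HITS = [
    {"_source": {"@timestamp": "2022-12-03T10:00:00.123Z", "message": "user login ok",
                 "log": {"offset": 0, "file": {"path": "/var/log/app.log"}}},
     "sort": [1670061600123, 0]},
    {"_source": {"@timestamp": "2022-12-03T10:00:01.000Z", "message": "user logout",
                 "log": {"offset": 42, "file": {"path": "/var/log/app.log"}}},
     "sort": [1670061601000, 42]},
    {"_source": {"@timestamp": "2022-12-03T10:00:05Z", "message": "cron started",
                 "log": {"offset": 0, "file": {"path": "/var/log/cron.log"}}},
     "sort": [1670061605000, 0]},
]

def build_es_body(search_after=None, size=500):
    """Sorted, filtered search body; the tie-breaker field keeps paging stable."""
    body = {
        "size": size,
        "sort": [{"@timestamp": "asc"}, {"log.offset": "asc"}],
        # Filter: only "old" logs before an assumed cutoff are transferred.
        "query": {"bool": {"filter": [
            {"range": {"@timestamp": {"lt": "2022-12-04T00:00:00Z"}}}]}},
    }
    if search_after is not None:
        body["search_after"] = search_after  # resume after the last shipped hit
    return body

def to_ns(ts):
    """ISO-8601 UTC timestamp -> nanosecond epoch string, as Loki's push API expects."""
    dt = datetime.fromisoformat(ts.replace("Z", "+00:00"))
    return str(int(dt.timestamp()) * 10**9 + dt.microsecond * 1000)

def doc_labels(src):
    """Map a document to a small, low-cardinality label set."""
    return {"job": "logs", "filename": src["log"]["file"]["path"]}

def to_loki_push(hits):
    """Group hits into Loki streams by label set; return (payload, next cursor)."""
    streams = {}
    for hit in hits:
        src = hit["_source"]
        key = tuple(sorted(doc_labels(src).items()))
        streams.setdefault(key, []).append([to_ns(src["@timestamp"]), src["message"]])
    payload = {"streams": [{"stream": dict(k), "values": v} for k, v in streams.items()]}
    cursor = hits[-1]["sort"] if hits else None
    return payload, cursor
```

Persisting the returned cursor only after Loki has accepted the payload lets an interrupted transfer resume without skipping documents.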