What is Graylog ?
Graylog is basically an open source log aggregation service, which is capable of collecting millions of logs from multiple sources and display on a single interface. It also provides numerous features like dashboards, real time alerts and so much more.
Graylog supports multiple types of inputs such as AMQP, UDP, TCP, Kafka and syslogs. Here we’ll see how to collect logs from a spring application(or any java application) via UDP.
Setup a Graylog instance
Graylog needs mongodb and elasticsearch to perform. Here we are using docker compose to easily setup a graylog instance with data persistent support.
docker-compose up -d to run the above configuration
Note the volume mappings. These should be changed according to your system. More configurations like setting up user credentials can be found here
Also you can find other installation methods here.
We’ll use a standard spring boot application and use it to send log messages to Graylog using logback
We need the following dependency in order to use logback and communicate with graylog with proper log formatting.
In this configuration you can specify the log pattern and graylog server details. Here we have used the UDP appender, but you can use any of the supporting methods mentioned here.
That concludes the configurations needed for the Spring boot application. Next we have to configure Graylog server to receive the logs.
First go to graylog dashboard by navigating to
http://localhost:8080 and login with default credentials
username : admin |
password : admin
Then navigate to System -> Inputs and select “GELF UDP” and click on “Launch new input” and then you’ll see the following window.
select a Node and give it a title and save the configuration. If it’s successful you’ll see the status as “running” like below.
Now if you run the application with some logging in it you can see them in the stream tab.
Thank you for taking time to read this.
Source code can be found here