I'm in a bit of a pickle here. I've got some agents with Metricbeat and Filebeat installed on customer systems, and they're sending logs to an NGINX proxy that forwards them to managed Elasticsearch instances. Due to high costs and poor performance, I'm looking to switch to a self-hosted Loki solution on Azure. However, I can't change the agents or redeploy them because of business constraints. Is there a way to set up a proxy adapter that can convert Elasticsearch logs to the format required by Loki?
3 Answers
You might want to check out Vector, it's pretty handy for log conversion. It can help you funnel those logs where you need them without major changes to your current setup.
Loki doesn't naturally accept logs from Metricbeat and Filebeat, but you could consider sending your logs to VictoriaLogs instead. It's supposedly user-friendly and performs well with out-of-the-box settings. Plus, it's cost-effective compared to Loki and Elasticsearch.
Honestly, if you're moving away from Elasticsearch, it seems odd to keep using Metricbeat and Filebeat. Those are quite tied to ES, and sticking with them could complicate things later on.
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures