Logging Implementation

Resources from Video Description

• GitHub Repository – All project files and configs

Key Takeaways

Why Loki (vs Elasticsearch): Loki indexes only labels/metadata and compresses raw log lines, making it significantly more resource-efficient and scalable than systems that index full log contents.

Unified Observability Workflow: Use Prometheus for trends (metrics) and Loki for facts (logs), then correlate both in Grafana. Metrics flag anomalies (e.g., error spikes) and time-aligned logs explain root causes—without leaving one dashboard.

Loki Architecture Choices: Choose deployment modes based on volume and complexity: single-binary (simple, low-volume), simple-scalable (ingest/query/background separation, up to multi-TB/day), or distributed (microservices for very high log throughput).

Log Ingestion & Querying: Promtail ships logs to Loki and attaches queryable labels (e.g., service, method, status). In Grafana, LogQL can parse JSON logs to turn fields into query filters; PromQL queries time-series metrics—both panels live side-by-side.

Kubernetes-Native Integration: In-cluster services are discovered via DNS and labeled targets; ServiceMonitor resources integrate app metrics into Prometheus, while Grafana uses data sources for both Prometheus and Loki to power a single, unified dashboard.