Installing Promtail on CentOS / Debian

Promtail is an agent responsible for centralizing logs, that is, it collects logs, processes them and sends them to Loki. In turn, Loki stores them, and Grafana requests data from Loki and renders it.

Add a system user from which Promtail will work

$ sudo useradd -r -M -s /bin/false promtail

Downloading promtail

$ cd /usr/local/bin
$ sudo curl -O -L https://github.com/grafana/loki/releases/download/v2.0.0/promtail-linux-amd64.zip

Unpack

$ sudo unzip promtail-linux-amd64.zip

Delete the archive

$ sudo rm promtail-linux-amd64.zip

Affairs file executable

$ sudo chmod a+x "promtail-linux-amd64"

Change owner

$ sudo chown promtail:promtail promtail-linux-amd64

We create a configuration file, or download a ready-made

$ wget https://raw.githubusercontent.com/grafana/loki/master/cmd/promtail/promtail-local-config.yaml
$ sudo nano config-promtail.yml
server:
  http_listen_port: 9080
  grpc_listen_port: 0

positions:
  filename: /tmp/positions.yaml

clients:
  - url: http://127.0.0.1:3100/loki/api/v1/push
#    basic_auth:
#      username: user
#      password: pass

scrape_configs:
  - job_name: system
    static_configs:
    - targets:
        - localhost
      labels:
        job: varlogs
        __path__: /var/log/*log

  - job_name: journal
    journal:
      max_age: 12h
      labels:
        job: systemd-journal
    relabel_configs:
      - source_labels: ['__journal__systemd_unit']
        target_label: 'unit'

Change the owner of the config

$ sudo chown promtail:promtail config-promtail.yml

Create a Systemd Unit

$ sudo nano /etc/systemd/system/promtail.service
[Unit]
Description=Promtail service
After=network.target

[Service]
Type=simple
User=promtail
ExecStart=/usr/local/bin/promtail-linux-amd64 -config.file /usr/local/bin/config-promtail.yml

[Install]
WantedBy=multi-user.target

Add the service to startup and start

$ sudo systemctl daemon-reload
$ sudo systemctl enable --now promtail
$ systemctl status promtail

Checking port 9080

$ ss -nltup | grep 9080

We open it out

$ sudo firewall-cmd --add-port=9080/tcp  --permanent
$ sudo firewall-cmd --reload

To enable Promtail to read system logs, add user promtail to the systemd-journal group

$ sudo usermod -aG systemd-journal promtail

Restarting the service

$ sudo systemctl restart promtail
Sidebar