Distributed Docker Log Aggregator Docklog is a tool to aggregate logs that containers throw out on different servers.

You have written a distributed application and you want to monitor it? Debug it? You have several machines, and each machine contains several containers. Docklog is a tool to gather/process/watch all of containers in one place.

On each machine you run a new container called logspout. This container is called gatekeeper. Gatekeeper's job it to listen and gather all logs generated by other containers and forward them out to another server (Guru). Gatekeeper uses logspout container with GELF protocol.

Guru is the central server uses GELF protocol to gather all of logs from different machines (Gatekeepers) and visualizes it via a web interface. Guru is nothing but a dockerized instance of Graylog. It is made of Elasticsearch, mongodb and Graylog containers.