Appendix A – Sematext Docker Agent Configuration Options
Parameter / Environment variable | Description |
Required Parameters | |
SPM_TOKEN | SPM Application Token, enables metric and event collection |
LOGSENE_TOKEN | Logsene Application Token enables logging to Logsene, see logging specific parameters for filter options and Log Routing section to route logs from different containers to separate Logsene applications |
-v /var/run/docker.sock:/var/run/docker.sock | Path to the docker socket (optional, if dockerd provides TCP on 2375, see also DOCKER_PORT and DOCKER_HOST parameter) |
TCP and TLS connection If the UNIX socket is not available Sematext Agent assumes the Container Gateway Address (autodetect) and port 2375 as default (no TLS) – this needs no configuration. If Docker Daemon TCP settings are different you have to configure the TCP settings. The TCP settings can be modified with the following parameters. Please note the following parameters are compatible with the variables set in the “docker-machine env” command. | |
DOCKER_HOST | e.g. tcp://ip-reachable-from-container:2375/ – default value ‘unix:///var/run/docker.sock’. When the UNIX socket is not available the agent tries to connect to tcp://gateway:2375. In case a TCP socket is used there is no need to mount the Docker UNIX socket as volume |
DOCKER_PORT | Sematext Docker Agent will use its gateway address (autodetect) with the given DOCKER_PORT |
DOCKER_TLS_VERIFY | 0 or 1 |
DOCKER_CERT_PATH | Path to your certificate files. Mount the path to the certificates with -v $DOCKER_CERT_PATH:$DOCKER_CERT_PATH |
Optional Parameters | |
–privileged | The parameter might be helpful when Sematext Agent cannot start because of limited permission to connect and write to the Docker socket /var/run/docker.sock. The privileged mode is a potential security risk, so we recommend to enable the appropriate security. Please read about Docker security: https://docs.docker.com/engine/security/security/ |
HOSTNAME_LOOKUP_URL | On Amazon ECS, a metadata query must be used to get the instance hostname (e.g. “169.254.169.254/latest/meta-data/local-hostname”) |
HTTPS_PROXY | URL for a proxy server (behind firewalls) |
LOGSENE_RECEIVER_URL | URL for bulk inserts into Logsene. Required for Logsene On Premises only. |
SPM_RECEIVER_URL | URL for bulk inserts into SPM. Required for SPM On Premises only. |
EVENTS_RECEIVER_URL | URL for SPM events receiver. Required for SPM On Premises only. |
Docker Logs Parameters | |
Whitelist containers | |
MATCH_BY_NAME | Regular expression to white list container names |
MATCH_BY_IMAGE | Regular expression to white list image names |
Blacklist containers | |
SKIP_BY_NAME | Regular expression to black list container names |
SKIP_BY_IMAGE | Regular expression to black list image names for logging |
-v /yourpatterns/patterns.yml:/etc/logagent/patterns.yml | Pass custom patterns.yml for log parsing, see logagent-js |
-v /tmp:/logsene-log-buffer | Directory to store logs, in case of a network or service outage. Docker Agent deletes these files after a successful transmission. |
GEOIP_ENABLED | true enables Geo-IP lookups in the log parser; default value: false |
MAXMIND_DB_DIR | Directory for the Geo-IP lite database, must end with /. Storing the DB in a volume could save downloads for updates after restarts. Using /tmp/ (ramdisk) could speed up Geo-IP lookups (consumes add. ~30 MB main memory). |
For the most up to date list of Sematext Docker Agent options see https://github.com/sematext/sematext-agent-docker.
