Live Elasticsearch Online Training starting on Oct 10! See all classes

Appendix A

Appendix A – Sematext Docker Agent Configuration Options

Parameter / Environment variable


Required Parameters


SPM Application Token, enables metric and event collection


Logsene Application Token enables logging to Logsene, see logging specific parameters for filter options and Log Routing section to route logs from different containers to separate Logsene applications

-v /var/run/docker.sock:/var/run/docker.sock

Path to the docker socket (optional, if dockerd provides TCP on 2375, see also DOCKER_PORT and DOCKER_HOST parameter)

TCP and TLS connection

If the UNIX socket is not available Sematext Agent assumes the Container Gateway Address (autodetect) and port 2375 as default (no TLS) – this needs no configuration. If Docker Daemon TCP settings are different you have to configure the TCP settings. The TCP settings can be modified with the following parameters. Please note the following parameters are compatible with the variables set in the “docker-machine env” command.


e.g. tcp://ip-reachable-from-container:2375/ – default value ‘unix:///var/run/docker.sock’. When the UNIX socket is not available the agent tries to connect to tcp://gateway:2375. In case a TCP socket is used there is no need to mount the Docker UNIX socket as volume


Sematext Docker Agent will use its gateway address (autodetect) with the given DOCKER_PORT


0 or 1


Path to your certificate files. Mount the path to the certificates with


Optional Parameters


The parameter might be helpful when Sematext Agent cannot start because of limited permission to connect and write to the Docker socket /var/run/docker.sock. The privileged mode is a potential security risk, so we recommend to enable the appropriate security. Please read about Docker security:


On Amazon ECS, a metadata query must be used to get the instance hostname (e.g. “”)


URL for a proxy server (behind firewalls)


URL for bulk inserts into Logsene. Required for Logsene On Premises only.


URL for bulk inserts into SPM. Required for SPM On Premises only.


URL for SPM events receiver. Required for SPM On Premises only.

Docker Logs Parameters

Whitelist containers


Regular expression to white list container names


Regular expression to white list image names

Blacklist containers


Regular expression to black list container names


Regular expression to black list image names for logging

-v /yourpatterns/patterns.yml:/etc/logagent/patterns.yml

Pass custom patterns.yml for log parsing, see logagent-js

-v /tmp:/logsene-log-buffer

Directory to store logs, in case of a network or service outage. Docker Agent deletes these files after a successful transmission.


true enables Geo-IP lookups in the log parser; default value: false


Directory for the Geo-IP lite database, must end with /. Storing the DB in a volume could save downloads for updates after restarts. Using /tmp/ (ramdisk) could speed up Geo-IP lookups (consumes add. ~30 MB main memory).

For the most up to date list of Sematext Docker Agent options see