Challenge - 5 Problems
Centralized Logging Master
Get all challenges correct to earn this badge!
Test your skills under time pressure!
💻 Command Output
intermediate2:00remaining
Docker logging driver output
You run a Docker container with the command:
What will be the output of
docker run --log-driver=json-file --name test-container alpine echo hello
What will be the output of
docker logs test-container?Attempts:
2 left
💡 Hint
The json-file logging driver stores container stdout and stderr logs locally.
✗ Incorrect
The json-file driver stores logs in JSON format on the host. The command 'docker logs' reads these logs and shows the container output. Since the container runs 'echo hello', the logs will show 'hello'.
❓ Configuration
intermediate2:00remaining
Configure Docker to use syslog logging driver
Which Docker daemon configuration snippet correctly sets the default logging driver to syslog?
Attempts:
2 left
💡 Hint
Docker daemon config uses kebab-case keys with hyphens.
✗ Incorrect
The correct key to set the default logging driver in Docker daemon.json is 'log-driver'. Other keys are invalid and cause Docker to ignore the setting or error.
🔀 Workflow
advanced2:00remaining
Centralized logging with ELK stack and Docker
You want to send Docker container logs to an ELK (Elasticsearch, Logstash, Kibana) stack. Which logging driver should you configure on your containers to send logs directly to Logstash over TCP?
Attempts:
2 left
💡 Hint
GELF is a logging format supported by Logstash for structured logs over TCP/UDP.
✗ Incorrect
The GELF logging driver sends logs in Graylog Extended Log Format, which Logstash can receive over TCP or UDP. This allows direct integration with ELK stack.
❓ Troubleshoot
advanced2:00remaining
Docker logs missing after configuring syslog driver
After configuring Docker containers to use the syslog logging driver, you notice
docker logs shows no output. Why does this happen?Attempts:
2 left
💡 Hint
Syslog driver forwards logs to the host syslog service, not stored in Docker's local log files.
✗ Incorrect
When using the syslog logging driver, logs are sent to the host's syslog service and are not stored in Docker's local log files. Therefore, 'docker logs' cannot retrieve them.
✅ Best Practice
expert3:00remaining
Best practice for centralized logging in a multi-host Docker swarm
In a Docker Swarm with multiple hosts, what is the best practice to collect and centralize logs from all containers across hosts?
Attempts:
2 left
💡 Hint
Centralized logging agents can collect logs from multiple sources and forward them reliably.
✗ Incorrect
Using a logging agent like Fluentd or Logstash on each host allows collecting logs from all containers locally and forwarding them to a central logging server. This is scalable and manageable in multi-host environments.