Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

cloki

Package Overview
Dependencies
Maintainers
1
Versions
126
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

cloki

LogQL API with Clickhouse Backend

  • 2.0.31
  • latest
  • Source
  • npm
  • Socket score

Version published
Maintainers
1
Created
Source

Codefresh build status CodeQL

cLoki

like Loki, but for ClickHouse

cLoki is a flexible Loki 1 compatible LogQL API built on top of ClickHouse

  • Built in Explore UI and LogQL CLI for querying and extracting data
  • Native Grafana 2 and LogQL APIs for querying, processing, ingesting, tracing and alerting 3
  • Powerful pipeline to dynamically search, filter and extract data from logs, events, traces and beyond
  • Ingestion and PUSH APIs transparently compatible with LogQL, PromQL, InfluxDB, Elastic and more
  • Ready to use with Agents such as Promtail, Grafana-Agent, Vector, Logstash, Telegraf and many others
  • Cloud native, stateless and compact design

:octocat: Get started using the cLoki Wiki :bulb:

ezgif com-optimize 15

Project Background

The Loki API and its Grafana native integration are brilliant, simple and appealing - but we just love ClickHouse.

cLoki implements a complete LogQL API buffered by a fast bulking LRU sitting on top of ClickHouse tables and relying on its columnar search and insert performance alongside solid distribution and clustering capabilities for stored data. Just like Loki, cLoki does not parse or index incoming logs, but rather groups log streams using the same label system as Prometheus. 3

:fire: LogQL: Supported Features

cLoki implements a broad range of LogQL Queries to provide transparent compatibility with the Loki API
The Grafana Loki datasource can be used to natively query logs and display extracted timeseries

:tada: No plugins needed

:fire: Follow our examples to get started


:fuelpump: Log Streams

cLoki supports input via Push API using JSON or Protobuf and it is compatible with Promtail and any other Loki compatible agent. On top of that, cLoki also accepts and converts log and metric inserts using Influx, Elastic, Tempo and other common API formats.

Our preferred companion for parsing and shipping log streams to cLoki is paStash with extensive interpolation capabilities to create tags and trim any log fat. Sending JSON formatted logs is suggested when dealing with metrics.


:fire: CliQL: Experimental 2.0 Features

cLoki implements custom query functions for ClickHouse timeseries extraction, allowing direct access to any existing table

ezgif com-gif-maker

Timeseries

Convert columns to tagged timeseries using the emulated loki 2.0 query format

<aggr-op> by (<labels,>) (<function>(<metric>[range_in_seconds])) from <database>.<table> where <optional condition>
Examples
avg by (source_ip) (rate(mos[60])) from my_database.my_table
sum by (ruri_user, from_user) (rate(duration[300])) from my_database.my_table where duration > 10
ClickHouse

Convert columns to tagged timeseries using the experimental clickhouse function

Example
clickhouse({ 
  db="my_database", 
  table="my_table", 
  tag="source_ip", 
  metric="avg(mos)", 
  where="mos > 0", 
  interval="60" 
})
Query Options
parameterdescription
dbclickhouse database name
tableclickhouse table name
tagcolumn(s) for tags, comma separated
metricfunction for metric values
wherewhere condition (optional)
intervalinterval in seconds (optional)
timefieldtime/date field name (optional)

:fire: Tempo: Supported Features

cLoki Pulse offers experimental support for the Grafana Tempo API providing span ingestion and querying

At database level, Tempo Spans/Traces are stored as tagged Logs and are accessible from both LogQL and Tempo APIs


Setup

Check out the Wiki for detailed instructions or choose a quick method:

:busstop: GIT (Manual)

Clone this repository, install with npmand run using nodejs 14.x (or higher)

npm install
CLICKHOUSE_SERVER="my.clickhouse.server" CLICKHOUSE_AUTH="default:password" CLICKHOUSE_DB="cloki" node cloki.js
:busstop: NPM

Install cloki as global package on your system using npm

sudo npm install -g cloki
cd $(dirname $(readlink -f `which cloki`)) \
  && CLICKHOUSE_SERVER="my.clickhouse.server" CLICKHOUSE_AUTH="default:password" CLICKHOUSE_DB="cloki" cloki
:busstop: PM2
sudo npm install -g cloki pm2
cd $(dirname $(readlink -f `which cloki`)) \
  && CLICKHOUSE_SERVER="my.clickhouse.server" CLICKHOUSE_AUTH="default:password" CLICKHOUSE_DB="cloki" pm2 start cloki
pm2 save
pm2 startup
:busstop: Docker

For a fully working demo, check the docker-compose example


Logging

The project uses pino for logging and by default outputs JSON'ified log lines. If you want to see "pretty" log lines you can start cloki with npm run pretty

Configuration

The following ENV Variables can be used to control cLoki parameters and backend settings.

ENVDefaultUsage
CLICKHOUSE_SERVERlocalhostClickhouse Server address
CLICKHOUSE_PORT8123Clickhouse Server port
CLICKHOUSE_DBclokiClickhouse Database Name
CLICKHOUSE_AUTHdefault:Clickhouse Authentication (user:password)
CLICKHOUSE_PROTOhttpClickhouse Protocol (http, https)
CLICKHOUSE_TIMEFIELDrecord_datetimeClickhouse DateTime column for native queries
BULK_MAXAGE2000Max Age for Bulk Inserts
BULK_MAXSIZE5000Max Size for Bulk Inserts
BULK_MAXCACHE50000Max Labels in Memory Cache
LABELS_DAYS7Max Days before Label rotation
SAMPLES_DAYS7Max Days before Timeseries rotation
HOST0.0.0.0cLOKi API IP
PORT3100cLOKi API PORT
CLOKI_LOGINundefinedBasic HTTP Username
CLOKI_PASSWORDundefinedBasic HTTP Password
READONLYfalseReadonly Mode, no DB Init
FASTIFY_BODYLIMIT5242880API Maximum payload size in bytes
FASTIFY_REQUESTTIMEOUT0API Maximum Request Timeout in ms
FASTIFY_MAXREQUESTS0API Maximum Requests per socket
TEMPO_SPAN24Default span for Tempo queries in hours
TEMPO_TAGTRACEfalseOptional tagging of TraceID (expensive)
DEBUGfalseDebug Mode (for backwards compatibility)
LOG_LEVELinfoLog Level
HASHshort-hashHash function using for fingerprints. Currently supported short-hash and xxhash64 (xxhash64 function)

Contributors
Disclaimer

©️ QXIP BV, released under the GNU Affero General Public License v3.0. See LICENSE for details.

Footnotes

  1. cLoki is not affiliated or endorsed by Grafana Labs or ClickHouse Inc. All rights belong to their respective owners.

  2. Grafana®, Loki™ and Tempo® are a Trademark of Raintank, Grafana Labs. ClickHouse® is a trademark of ClickHouse Inc. Prometheus is a trademark of The Linux Foundation.

  3. cLoki is a 100% clear-room api implementation and does not fork, use or derivate from Grafana Loki code or concepts. 2

Keywords

FAQs

Package last updated on 03 Jun 2022

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc