WEBVTT

00:00.150 --> 00:06.600
OK, so the next part, so that we can query through our Loki data source, is to install a collector for

00:06.630 --> 00:08.700
the Loki service, and we'll use Promtail.

00:08.730 --> 00:13.740
You'll often see Promtail and Loki used together. OK, so let's install the Promtail service on

00:13.740 --> 00:15.120
our Grafana server as well.

00:15.180 --> 00:18.250
OK, so we can get Promtail from the same place that we got Loki.

00:18.270 --> 00:21.010
That's the Loki releases web page.

00:21.030 --> 00:21.960
So if I open that.

00:22.050 --> 00:24.600
It's currently two point four point one for me.

00:24.990 --> 00:31.880
If I scroll down, I can see the Promtail-related binaries, and I'll be installing promtail-linux-amd64

00:31.920 --> 00:34.650
because that suits the architecture of my Linux machine.

00:34.890 --> 00:38.010
So make sure you're in that /usr/local/bin folder already.

00:38.010 --> 00:45.300
I already am, /usr/local/bin. Paste, so copy that line there. We're downloading promtail-linux-amd64

00:45.300 --> 00:52.890
from Grafana Loki releases version 2.4.1. Enter. OK, so if I type ls, I see in there promtail-linux-

00:52.900 --> 00:54.290
amd64.zip.

00:54.300 --> 00:57.720
Let's unzip it. OK, unzip promtail-linux-amd64.zip.

00:57.990 --> 01:00.430
OK, so that's inflated. ls.

01:01.290 --> 01:05.530
OK, so promtail-linux-amd64 already has execute permissions.

01:05.550 --> 01:06.060
Excellent.

01:06.120 --> 01:08.490
If not, you can run that line there.

01:08.610 --> 01:14.030
OK, we now need to create the config file for our Promtail, so sudo nano config-promtail

01:14.040 --> 01:14.670
.yml.

01:15.390 --> 01:19.500
OK, let's add this script. I'll copy it to the clipboard.

01:20.250 --> 01:21.840
OK, right-click and it pastes.

01:22.050 --> 01:24.570
So it's going to listen on port 9080.

01:24.720 --> 01:30.540
It's also going to create a gRPC port, and zero means bind to any port, which means it's going to

01:30.540 --> 01:33.020
be quite hard for me to block that port if I want to.

01:33.030 --> 01:38.640
So I'm going to explicitly put it on a different port number, being 9097, which is the

01:38.640 --> 01:42.270
next in line after the port that Loki was using.

01:42.300 --> 01:43.970
I will block that port eventually.

01:43.980 --> 01:50.580
OK, when Promtail starts, it will be connecting to our Loki service, running on our localhost

01:50.580 --> 01:52.440
3100, and pushing data to it.

01:52.500 --> 01:56.550
It has one scrape config called system targeting itself.

01:56.670 --> 01:58.560
And we're reading all the log files,

01:58.560 --> 02:00.420
/var/log/*log.

02:00.480 --> 02:02.220
That's a wildcard. Ctrl

02:02.280 --> 02:09.270
X to save that, yes, Enter. ls -lh again, and we can see that there's a config-promtail.yml

02:09.270 --> 02:09.690
as well.

02:09.720 --> 02:11.790
These files don't need execute permissions.

02:11.790 --> 02:13.420
Only just binaries do.

02:13.440 --> 02:18.000
OK, so this configuration file I got from the official repository again.

02:18.000 --> 02:19.110
So we look at that.

02:19.200 --> 02:19.670
That's it.

02:19.920 --> 02:25.620
So do take note that if you're not using version two point four point one, this configuration file

02:25.620 --> 02:27.960
might be slightly different for your version. OK.

02:27.960 --> 02:31.210
So now we'll configure Promtail as a service, just like we did with Loki.

02:31.230 --> 02:36.800
So let's create a specific user that we'll use to execute Promtail, and I'll call that user promtail.

02:37.170 --> 02:44.550
sudo useradd --system promtail. So we can check that that promtail user exists by typing id promtail,

02:45.150 --> 02:51.060
and UID 996, group ID is 996, and it's part of the promtail group. We could

02:51.060 --> 02:55.290
also check the ID for Loki that we created in the last video.

02:55.710 --> 02:56.940
Loki, 997.

02:57.150 --> 03:01.860
Let's create a service file for Promtail, so copy that line, using nano again.

03:01.860 --> 03:08.280
And in that, add this script. Just copy that script to clipboard, right-click. Promtail service, type

03:08.280 --> 03:13.980
simple, user promtail, ExecStart /usr/local/bin/promtail-linux-amd64.

03:13.980 --> 03:20.160
That's the file which we copied from the Loki repository and unzipped. Its config file is /usr/local/bin/

03:20.160 --> 03:22.440
config-promtail.yml.

03:22.590 --> 03:23.040
Excellent.

03:23.340 --> 03:30.660
We can save that, Ctrl+X, Y for yes, and so we can now start it, promtail start, and check its status.

03:31.480 --> 03:33.000
OK, active, running. Perfect.

03:33.810 --> 03:36.090
Use Ctrl+C to exit that status.

03:36.840 --> 03:41.340
OK, so the Promtail service is now started and is now running and is pushing data to Loki.

03:41.400 --> 03:47.010
But there is one problem: the promtail user that I've created doesn't have access to

03:47.010 --> 03:54.450
read all the log files in the /var/log folder. So I'll show you this. If we change our directory, cd

03:54.450 --> 04:01.320
/var/log, and we do ls -lh, we can see there's a whole lot of log files in there.

04:01.350 --> 04:09.090
But if I just scroll up, we can see the user and the group of these log files is syslog adm. So there,

04:09.810 --> 04:10.590
further down.

04:10.680 --> 04:16.110
There's also one, kernel, syslog adm; syslog adm for this log as well. Our promtail

04:16.110 --> 04:22.080
user doesn't have permission to read those files, so we need to add our promtail user to that group.

04:22.080 --> 04:27.260
So to do that, usermod, add to group adm, promtail.

04:27.510 --> 04:28.260
Right-click that.

04:28.500 --> 04:30.480
OK, now if we do id promtail,

04:31.840 --> 04:38.140
Promtail is now part of the adm group. That means that Promtail is now able to read the log files

04:38.140 --> 04:40.580
in the server and push information to Loki.

04:40.960 --> 04:44.110
After doing that, we should restart Promtail.

04:49.890 --> 04:52.440
OK, so that's taken quite a while to restart.

04:55.440 --> 04:56.980
OK, so that took about a minute.

04:57.000 --> 04:59.040
It would have been scanning those log files.

04:59.250 --> 05:01.290
OK, now we just double check the status.

05:02.550 --> 05:05.670
OK, so it's active, running. Ctrl+C to get out of that.

05:05.850 --> 05:13.500
OK, so now go back into Grafana, go to the Explore tab and make sure Loki is your data source. You

05:13.500 --> 05:15.420
should see this term here.

05:15.420 --> 05:21.660
Log browser, and when you click it, we'll see the available log files that we can query that Promtail

05:21.660 --> 05:22.950
has put into Loki.

05:23.220 --> 05:26.840
So click one of those you can click in to turn them on and off like that.

05:26.850 --> 05:34.770
So I'll just look at job varlogs and then Show logs, and that is now showing me all the logs that I'm

05:34.770 --> 05:37.080
getting from my syslog.

05:37.860 --> 05:39.500
There's a lot of information there right now.

05:39.510 --> 05:43.380
You can look through that, but we'll go through this in the next video.

05:43.380 --> 05:48.510
And if you want to look at the other one, we can turn off job and press filename, and we can look at,

05:48.660 --> 05:51.390
say, auth.log, for example. Show logs.

05:52.390 --> 05:55.440
And we can see who's logging on and off and when.

05:56.230 --> 05:56.590
Excellent.

05:56.800 --> 05:57.880
So have a good look through that.

05:57.880 --> 06:06.850
In the next video, we'll look at LogQL, which is the query language used by Loki to query log files.

06:07.060 --> 06:09.940
And that is a very simple LogQL statement there.

06:09.970 --> 06:11.380
We'll look forward to that in the next video.

06:11.620 --> 06:12.010
Excellent.
