Are there straightforward configurations to set up sources on a per container basis? I have several services running across an ECS cluster. I would like to filter in sumo logic in the following fashion: / (e.g. prod/foo, stage/foo, etc.,). The sumologic/collector:latest-syslog container allows me to configure the collector name and prefix in that manner. Running a collector container per app would allow me to do this. However, in order for that to work the corresponding app container needs to provide a log-opts argument along the lines of syslog-address=udp://localhost:514. The problem with this approach is that it requires me to have predefined ports to use on the host which won't work for an environment like ECS - where we can't assume how many apps will be running on a particular host at a given time. If syslog-address could be another container then this would work.
Please sign in to leave a comment.