1
00:00:00,150 --> 00:00:06,600
OK, so the next part so that we can query through our lucky data source is to install a collector for

2
00:00:06,630 --> 00:00:08,700
the lucky service and we'll use pronto.

3
00:00:08,730 --> 00:00:13,740
You'll often see Prompt Allen like he used to get OK, so let's install the prompt health service on

4
00:00:13,740 --> 00:00:15,120
our Gravano server as well.

5
00:00:15,180 --> 00:00:18,250
OK, so we can get prompt on the same place that we got lucky.

6
00:00:18,270 --> 00:00:21,010
That's the low key releases web page.

7
00:00:21,030 --> 00:00:21,960
So if open that.

8
00:00:22,050 --> 00:00:24,600
It's currently two point four point one for me.

9
00:00:24,990 --> 00:00:31,880
If I scroll down, I can see the prompt tail related binaries and I'll be installing pronto Linux AMD64

10
00:00:31,920 --> 00:00:34,650
because that suits the architecture of my Linux machine.

11
00:00:34,890 --> 00:00:38,010
So make sure you in that usr local bin folder already.

12
00:00:38,010 --> 00:00:45,300
I already am usr local bin paste, so copy that line there where downloading prompted Linux i amd64

13
00:00:45,300 --> 00:00:52,890
from Safana like it releases version two for one into case of I type less see in there prompt tale Linux

14
00:00:52,900 --> 00:00:54,290
AMD64 zip.

15
00:00:54,300 --> 00:00:57,720
It's on the zip it OK on the prompter alongside these 64 zip.

16
00:00:57,990 --> 00:01:00,430
OK, so that's inflated less.

17
00:01:01,290 --> 00:01:05,530
OK, so from tail locks, AMD64 already has excuse permissions.

18
00:01:05,550 --> 00:01:06,060
Excellent.

19
00:01:06,120 --> 00:01:08,490
If not, you can run that line there.

20
00:01:08,610 --> 00:01:14,030
OK, we don't need to create the config file for our quantile so sudo nano config from tail.

21
00:01:14,040 --> 00:01:14,670
Why now?

22
00:01:15,390 --> 00:01:19,500
OK, let's add this script of copy to the clipboard.

23
00:01:20,250 --> 00:01:21,840
OK, right click or pastes.

24
00:01:22,050 --> 00:01:24,570
So it's going to listen on Port Ninety eight.

25
00:01:24,720 --> 00:01:30,540
It's also going to create a gypsy port, and zero means bind to any port, which means it's going to

26
00:01:30,540 --> 00:01:33,020
be quite hard for me to block their port if I want to.

27
00:01:33,030 --> 00:01:38,640
So I'm going to explicitly put it on a different port number being nine zero nine seven, which is the

28
00:01:38,640 --> 00:01:42,270
next in line after the port that Loki was using.

29
00:01:42,300 --> 00:01:43,970
I will block that port eventually.

30
00:01:43,980 --> 00:01:50,580
OK, when prom tail starts, it will be connecting to our Loki service, running on our local host three

31
00:01:50,580 --> 00:01:52,440
one hundred and pushing data to it.

32
00:01:52,500 --> 00:01:56,550
It has one scrape config called system targeting itself.

33
00:01:56,670 --> 00:01:58,560
And are we reading all the log files?

34
00:01:58,560 --> 00:02:00,420
VAR log star log.

35
00:02:00,480 --> 00:02:02,220
That's a wildcard control.

36
00:02:02,280 --> 00:02:09,270
X to save that, yes, enter Ellis Heights again, and we can see that there's a config pronto watermill

37
00:02:09,270 --> 00:02:09,690
as well.

38
00:02:09,720 --> 00:02:11,790
These files don't need excu permissions.

39
00:02:11,790 --> 00:02:13,420
Only just binaries do.

40
00:02:13,440 --> 00:02:18,000
OK, so this configuration file I got from the official repository again.

41
00:02:18,000 --> 00:02:19,110
So we look at that.

42
00:02:19,200 --> 00:02:19,670
That's it.

43
00:02:19,920 --> 00:02:25,620
So do take note that if you're not using version two point four point one, this configuration file

44
00:02:25,620 --> 00:02:27,960
might be slightly differently or version OK.

45
00:02:27,960 --> 00:02:31,210
So now we'll configure pronto as a service, just like we did with Loki.

46
00:02:31,230 --> 00:02:36,800
So let's create a specific user that what we use to execute pronto tail and I'll call that user pronto

47
00:02:37,170 --> 00:02:44,550
pseudo user add system promptly so we can check that that prompt our user exists by typing ID from tail

48
00:02:45,150 --> 00:02:51,060
and UID nine nine six script by day is nine on six, and as part of the Prompt Hale Group, we could

49
00:02:51,060 --> 00:02:55,290
also check the ID for Loki that we created in the last video.

50
00:02:55,710 --> 00:02:56,940
Loki nine on seven.

51
00:02:57,150 --> 00:03:01,860
Let's create a service file from Pronto, so copy that line using nano again.

52
00:03:01,860 --> 00:03:08,280
And in that, add this script just copied that script to clipboard right click from tail service type

53
00:03:08,280 --> 00:03:13,980
simple user prompt tail exec start user like helping prom tail locks ai amd64.

54
00:03:13,980 --> 00:03:20,160
That's the file which is copied from the Loki repository and unzipped its config file is usr local bin

55
00:03:20,160 --> 00:03:22,440
config prompt male or female?

56
00:03:22,590 --> 00:03:23,040
Excellent.

57
00:03:23,340 --> 00:03:30,660
We can side that control x y for yes, and so we can now start it from tail start and check its status.

58
00:03:31,480 --> 00:03:33,000
OK, active running perfect.

59
00:03:33,810 --> 00:03:36,090
I use control seat, except that status.

60
00:03:36,840 --> 00:03:41,340
OK, so the prompt service is now started and is now running and is pushing data to Loki.

61
00:03:41,400 --> 00:03:47,010
But there is one problem the prompt male user that I've created doesn't have access to.

62
00:03:47,010 --> 00:03:54,450
Read all the log files in the VAR log folder, so I'll show you this if we change our directory to see

63
00:03:54,450 --> 00:04:01,320
a VAR log and we do lists l'hygiene, we can see there's a whole lot of log files in there.

64
00:04:01,350 --> 00:04:09,090
But if I just scroll up, we can see the user and the group of these log files is syslog adim, so they're

65
00:04:09,810 --> 00:04:10,590
further down.

66
00:04:10,680 --> 00:04:16,110
There's also one kernel syslog admin syslog ID. For this log as well our prompt.

67
00:04:16,110 --> 00:04:22,079
Our user doesn't have permission to read those files, so we need to add our prompt L used to that group.

68
00:04:22,079 --> 00:04:27,260
So to do that user mode, add to Group ID. prob tail.

69
00:04:27,510 --> 00:04:28,260
Right click that.

70
00:04:28,500 --> 00:04:30,480
OK, now if we do ID prompt tail.

71
00:04:31,840 --> 00:04:38,140
Prom tale is now part of the A-Team group, that means the prom tale is now able to read the log falls

72
00:04:38,140 --> 00:04:40,580
in the server and pushed information to low key.

73
00:04:40,960 --> 00:04:44,110
After doing that, we should restart pronto.

74
00:04:49,890 --> 00:04:52,440
Case that's taken quite a while to restart.

75
00:04:55,440 --> 00:04:56,980
OK, so that took about a minute.

76
00:04:57,000 --> 00:04:59,040
It would have been scanning those log files.

77
00:04:59,250 --> 00:05:01,290
OK, now we just double check the status.

78
00:05:02,550 --> 00:05:05,670
OK, so it's active running control, so you get out of that.

79
00:05:05,850 --> 00:05:13,500
OK, so now go back into Safana, go to the Explore tab and make sure like use your data source, you

80
00:05:13,500 --> 00:05:15,420
should see this term here.

81
00:05:15,420 --> 00:05:21,660
Low browser and when you click it, we'll see the available log fall so we can query that Prometheus

82
00:05:21,660 --> 00:05:22,950
has put into liking.

83
00:05:23,220 --> 00:05:26,840
So click one of those you can click in to turn them on and off like that.

84
00:05:26,850 --> 00:05:34,770
So all this look at job VAR logs and then show logs, and that is now showing me all the logs that I'm

85
00:05:34,770 --> 00:05:37,080
getting from my syslog.

86
00:05:37,860 --> 00:05:39,500
There's a lot of information there right now.

87
00:05:39,510 --> 00:05:43,380
You can look through that, but we'll go through this in the next video.

88
00:05:43,380 --> 00:05:48,510
And if you want, look at the other one, we can turn off jobs and press for name and we can look at,

89
00:05:48,660 --> 00:05:51,390
say, or slug, for example Sherlock's.

90
00:05:52,390 --> 00:05:55,440
And we can see who's logging on and off and when.

91
00:05:56,230 --> 00:05:56,590
Excellent.

92
00:05:56,800 --> 00:05:57,880
So have a good look through that.

93
00:05:57,880 --> 00:06:06,850
In the next video, we'll look at log Kuo, which is the query language used by Loki to query log files.

94
00:06:07,060 --> 00:06:09,940
And that is a very simple, logical statement there.

95
00:06:09,970 --> 00:06:11,380
We'll look forward to that next for you.

96
00:06:11,620 --> 00:06:12,010
Excellent.