remove timestamp from log line with Promtail

Question

I am scraping logs from docker with Promtail to Loki.

Works very well, but I would like to remove timestamp from log line once it has been extracted by Promtail. The reason is that I end up with log panel that half of screen is occupied by timestamp. If I want to display timestamp in panel, I can do that, so I dont really need it in log line.

I have been reading documentation, but not sure how to approach it. logfmt? replace? timestamp? https://grafana.com/docs/loki/latest/clients/promtail/stages/logfmt/

promtail-config.yml

server:
  http_listen_port: 9080
  grpc_listen_port: 0

positions:
  filename: /tmp/positions.yaml

clients:
  - url: http://loki:3100/loki/api/v1/push

scrape_configs:
  # local machine logs
  - job_name: local logs
    static_configs:
      - targets:
          - localhost
        labels:
          job: varlogs
          __path__: /var/log/*log

  # docker containers
  - job_name: containers
    docker_sd_configs:
      - host: unix:///var/run/docker.sock
        refresh_interval: 15s
    pipeline_stages:
      - docker: {}
    relabel_configs:
      - source_labels: ['__meta_docker_container_label_com_docker_compose_service']
        regex: '(.*)'
        target_label: 'service'

Thank you

`regex: (?P....) (?P.*) labels: timestamp: message:` and then in loki type `{.....} | format '{{message}}'` — KamilCuk, Nov 08 '22 at 23:35
@KamilCuk could you format your suggestion and elaborate on "{.....} | format '{{message}}'" ? Its hard to guess where I should put the last part and how to format first one. — tas, Nov 09 '22 at 02:48

score 1 · Answer 1 · answered Nov 09 '22 at 04:08

1

Actually I just realized I was looking for wrong thing. I just wanted to display less logs in Grafana, logs were formatted properly. I just had to select fields to display.

Thanks!

answered Nov 09 '22 at 04:08

tas

45
2
7

remove timestamp from log line with Promtail

1 Answers1