Log Collector
The black-box flight recorder for your fleet — metrics and log bundles from any Docker host.
What the Log Collector does
The Log Collector runs as a small container next to your workload and continuously pushes diagnostic data to the FleetManager — so root-cause information exists centrally before a machine goes offline.
- Host metrics: CPU, load, RAM, disk and container state (~every 90 s).
- Log bundles: compressed Docker container logs + host diagnostics, uploaded in resumable chunks.
- Outage-proof: logs are mirrored to a volume continuously — a bundle assembled after a crash still contains the pre-outage lines.
- On demand: "Collect logs now" right from the dashboard.
Requirements
- Any Linux host with Docker and Docker Compose
- An ingest token (
fmt_…) from your FleetManager - A few hundred MB of free disk for the bundle spool
1. Create the fleet config
Create a config.json with your fleet identity:
{
"fleetmanagement": {
"base_url": "https://fleet.brinkhaus-gmbh.de",
"customer_name": "your-customer-slug",
"machine": "your-machine-name",
"token": "fmt_YOUR_INGEST_TOKEN",
"heartbeat_interval_sec": 60
}
}2. Set up Docker Compose
Create a docker-compose.yml.
The collector talks only to the read-only
docker-socket-proxy — never the raw Docker socket:
services:
docker-socket-proxy:
image: tecnativa/docker-socket-proxy:0.3.0
restart: always
environment:
CONTAINERS: 1
INFO: 1
EVENTS: 1
POST: 0
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
logcollector:
image: brinkhausgmbh/fleetmanager-logcollector:latest
restart: always
depends_on:
- docker-socket-proxy
environment:
DOCKER_PROXY_URL: tcp://docker-socket-proxy:2375
METRICS_DISK_PATH: /host-root
SPOOL_DIR: /spool
volumes:
- ./config.json:/app/fleetManagementData/config.json:ro
- logcollector-spool:/spool
- /:/host-root:ro
cpus: 0.50
mem_limit: 256m
volumes:
logcollector-spool:3. Start and verify
# Start the stack
docker compose up -d
# Check the logs
docker compose logs -f logcollectorWithin a minute the machine appears in the dashboard — with a Resources tab (metrics) and an Artifacts tab (log bundles).
Security
The collector never mounts the raw
/var/run/docker.sock.
All Docker access goes through the read-only
docker-socket-proxy
(CONTAINERS/INFO/EVENTS=1,
POST=0). The container runs
as an unprivileged user; the spool is bounded and can never fill the disk.
Docker image
The official image is published on Docker Hub:
docker pull brinkhausgmbh/fleetmanager-logcollector:latest
# Or a specific version:
docker pull brinkhausgmbh/fleetmanager-logcollector:0.2.0
Available tags: :latest,
:X.Y.Z,
:X.Y,
:X
Changelog
0.2.0 2026-06-02
Added
- Standalone, customer-deployable module with its own Docker image (brinkhausgmbh/fleetmanager-logcollector) — runs on any Docker host
- Tier-2 log bundles: compressed tar.zst snapshots of container logs + host diagnostics (df, ps, /proc, docker inspect), uploaded in resumable chunks
- Continuous log mirroring to a host volume — bundles survive a container update/restart and contain the pre-outage logs
- On demand: a "Collect logs now" button in the dashboard
- Event-triggered: a container crash/OOM fires an immediate bundle
- Tier-1 metrics now include a container summary (running/total/state)
Security
- No direct docker.sock access — only via a read-only docker-socket-proxy (POST=0). Runs as a non-root user.
0.1.0 2026-06-01
Added
- Initial tier: host metrics (CPU/RAM/disk) via psutil under the "logcollector" software slug
Start for free — 5 devices included
Fleet monitoring and security compliance in under 10 minutes. No credit card required.