VictoriaLogs 🪵

Stream and analyze logs directly from VictoriaLogs with Gonzo's native integration. Leverage VictoriaLogs' high-performance log storage with Gonzo's powerful analysis capabilities, including AI insights and pattern detection.

Why Use Gonzo with VictoriaLogs?

VictoriaLogs is a high-performance, cost-effective log database. Combining it with Gonzo provides:

• 🚀 High-Performance Streaming - Direct streaming from VictoriaLogs without intermediaries

• 🤖 AI-Powered Analysis - Intelligent insights on your stored logs

• 📊 Pattern Detection - Automatic clustering of similar log entries

• 🔍 LogsQL Queries - Powerful query language for precise log filtering

• 🏷️ Smart Field Mapping - Automatic mapping of VictoriaLogs fields to Gonzo attributes

• ⚡ Real-Time Analysis - Live streaming and analysis of logs as they arrive

Features

Custom Field Parsing

Gonzo automatically maps VictoriaLogs fields to provide optimal display and analysis:

Special Field Mappings

Host Detection - Checked in priority order:

1. k8s.node.name (Kubernetes node)

2. kubernetes.pod_node_name (Alternative K8s format)

3. kubernetes_pod_node_name (Underscore format)

Severity Detection - Checked in priority order:

• level

• severity

• log.level

• log_level

• loglevel

• levelname

Format Transformation Example

VictoriaLogs JSON Input:

Gonzo Display:

• Message: "Database connection established" ✅ (clean message, not raw JSON)

• Severity: INFO (with appropriate color coding)

• Timestamp: 2024-01-15T10:30:46.456Z

• Host: node-02 (mapped from k8s.node.name)

• Attributes Panel:

  • service = "database"

  • pool_size = 10

  • _stream = "app-logs"

  • _stream_id = "stream-001"

Configuration

Command Line Options

Environment Variables

Configuration File

Usage:

Usage Examples

Basic Streaming

Authenticated Access

LogsQL Query Examples

Real-World Integration Patterns

Production Monitoring

Kubernetes Log Analysis

Time-Based Analysis

Performance Troubleshooting

Implementation Details

VictoriaLogs Client Architecture

Gonzo's VictoriaLogs integration includes:

1. Streaming Client (internal/vmlogs/client.go)

   • Connects to VictoriaLogs /select/logsql/tail endpoint

   • Maintains persistent streaming connection

   • Handles reconnection on failures

2. Format Converter

   • Transforms VictoriaLogs JSON to OTLP format

   • Preserves all field information

   • Optimizes for Gonzo display

3. Field Mapper

   • Handles special fields (_msg, _time, etc.)

   • Maps host fields in priority order

   • Extracts all attributes automatically

4. Severity Detector

   • Identifies log levels from various field names

   • Provides consistent severity detection

   • Enables proper color coding

Streaming Endpoint

Gonzo uses the VictoriaLogs streaming tail endpoint:

This provides:

• Real-time log streaming

• Efficient resource usage

• Native LogsQL query support

• Automatic format conversion

Configuration Optimization

High-Performance Setup

Development Setup

Best Practices

🎯 Efficient Querying

🔒 Security Best Practices

⚡ Performance Optimization

Troubleshooting

Connection Issues

Query Issues

Performance Issues

Field Mapping Issues

What's Next?

Now that you've mastered VictoriaLogs integration, explore related topics:

• Configuration - Optimize for VictoriaLogs workflows

• AI Integration - Enhanced log analysis with AI

• Advanced Features - Pattern detection in VictoriaLogs data

• Kubernetes Integration - Combine with K8s log analysis

Or try these advanced VictoriaLogs patterns:

Unlock powerful log analysis with VictoriaLogs and Gonzo! 📊 Native integration, intelligent field mapping, and AI-powered insights make VictoriaLogs logs easy to analyze and understand.