Admin Guide: Overview

The Admin Guide contains everything a platform engineer, SRE, or security operations lead needs to install, configure, access, and operate a Logster deployment. This page is the entry point.


What the Admin Guide covers

| Page | You'll learn how to... |
|---|---|
| Installation | Stand up a full Logster stack on a single host using Docker Compose, verify the pipeline end-to-end, and tear it down. |
| Installation Parameters | Tune every parameter in service-config.yaml — Kafka, model, inference windows, Redis, Elasticsearch, alerts, API — plus environment-variable overrides. |
| Log Sources | Understand exactly where Logster gets real-time log data from on Windows and Linux, which Kafka topic each source feeds, and the exact format the normalizer accepts on each topic. |
| Accessing Logster | Find the URLs, ports, and default credentials for every user-facing interface (Dashboard, API, Grafana, Kibana, Prometheus). |
| Authentication | Understand Logster's current authentication posture, the DISABLE_AUTH flag, and how to put the deployment behind an auth-enforcing reverse proxy. |
| Daily Operations | Perform routine operational tasks — health checks, log inspection, metric review, scaling, backup. |
| Important Considerations | Review the production hardening checklist, known limitations, and the list of items you must address before exposing Logster to an untrusted network. |

Target audience

The Admin Guide assumes you are comfortable with:

  • Docker and Docker Compose v2 — every service runs in a container.
  • Basic Linux administration — shell, file permissions, networking, TCP port management.
  • Reading YAML — most of Logster's configuration lives in deploy/service-config.yaml.

You do not need Python or Node.js on the host machine. Every Logster service is containerized.


Prerequisites summary

Before you start, make sure you have:

  • A Linux, macOS, or Windows + WSL2 host with Docker Engine 24.x or newer.
  • At least 8 GB of RAM available to Docker. Elasticsearch alone requests around 1 GB of heap, and the GNN inference workers add to that.
  • At least 10 GB of free disk for Docker images, Kafka log segments, Elasticsearch indices, and pre-trained models.
  • The following TCP ports free on the host: 9092, 9200, 6379, 3000, 5601, 9090, 5001, 8080, 4317, 4318, 3200.

[!TIP] If any of the required ports are already in use, you can remap them in deploy/docker-compose.yml before starting the stack. Change only the host-side port (left of the :) — the container-side ports are hard-coded elsewhere.


Reading order

If you are deploying Logster for the first time, read the Admin Guide in this order:

  1. Installation — get a working stack running.
  2. Accessing Logster — verify every user-facing interface is reachable.
  3. Log Sources — understand what endpoint collectors and shippers you need to deploy to feed the stack.
  4. Installation Parameters — tune the defaults to match your environment.
  5. Daily Operations — learn the runbook.
  6. Important Considerations — close the gaps before exposing Logster to real traffic.

For analyst-facing documentation, see the Dashboard User Guide. For the REST API, see the API User Guide.