Loki compared to other log systems

Data in Elasticsearch is stored on-disk as unstructured JSON objects. Both thekeys for each object and the contents of each key are indexed. Data can then bequeried using a JSON object to define a query (called the Query DSL) or throughthe Lucene query language.

Fluentd is usually used to collect and forward logs to Elasticsearch. Fluentd iscalled a data collector which can ingest logs from many sources, process it, andforward it to one or more targets.

The way Loki represents logs by a set of label pairs is similar to howPrometheus represents metrics. When deployed in anenvironment alongside Prometheus, logs from Promtail usually have the samelabels as your applications metrics thanks to using the same servicediscovery mechanisms. Having logs and metrics with the same levels enables usersto seamlessly context switch between metrics and logs, helping with root causeanalysis.

In comparison, Grafana is tailored specifically towards time series data fromsources like Prometheus and Loki. Dashboards can be set up to visualize metrics(log support coming soon) and an explore view can be used to make ad-hoc queriesagainst your data. Like Kibana, Grafana supports alerting based on your metrics.