Overview
This documentation provides instructions on configuring the OpenTelemetry Collector with the filelog receiver to read application logs from a file and export them to SigNoz.
The filelog receiver tails and parses logs from files, making it ideal for legacy applications or systems that write logs to disk rather than stdout/stderr.
Prerequisites
- An instance of OpenTelemetry Collector running on your host
- An instance of SigNoz (either Cloud or Self-Hosted)
Sample Log File
For this guide, you can create a sample log file named app.log at /tmp/app.log (or any accessible path) with the following content:
2026-01-12T10:00:00.000Z INFO [main] Application started successfully
2026-01-12T10:00:01.500Z INFO [auth] User 'alice' logged in from 192.168.1.10
2026-01-12T10:00:02.100Z WARN [db] Query execution took longer than 500ms
2026-01-12T10:00:03.200Z ERROR [payment] Payment gateway timeout for transaction #12345
The filelog receiver sends each line as a separate log entry. To parse structured fields like timestamp, level, and message, you can use SigNoz Logs Pipelines to parse logs after ingestion.
Configure Filelog Receiver
The following steps guide you through configuring the filelog receiver on different platforms.
1. Install OpenTelemetry Collector
Follow this guide to install the OpenTelemetry Collector as an agent on your Virtual Machine.
2. Edit Configuration File
Locate your OpenTelemetry Collector configuration file (typically config.yaml or /etc/otel-collector/config.yaml).
Add the filelog receiver to the receivers section:
receivers:
filelog/app:
include: [/tmp/app.log] # Replace with your actual log file path
start_at: end
start_at: The start_at: end configuration ensures that only newly added logs are transmitted. To include historical logs from the file, change this to start_at: beginning.
The /app suffix in filelog/app is a custom identifier that allows you to configure multiple filelog receivers with different settings. You can name differently for different apps (e.g., filelog/nginx, filelog/application).
3. Enable in Pipeline
Add the filelog receiver to your logs pipeline in the service section of your configuration.
service:
pipelines:
logs:
receivers: [otlp, filelog/app] # Add filelog/app here
processors: [batch]
exporters: [otlp]
4. Restart Collector
Restart the OpenTelemetry Collector service for changes to take effect.
sudo systemctl restart otel-collector
The SigNoz Kubernetes Infra Chart automatically collects logs from all pods by default. This is managed via the presets.logsCollection.enabled property, which configures a filelog receiver to ingest logs from the standard Kubernetes log path (/var/log/pods/*).
Recommendation: For the best experience, configure your applications to log to stdout and stderr. This ensures they are automatically captured by the standard Kubernetes logging infrastructure without additional configuration.
The default configuration collects logs from all pods in the cluster. To filter specific namespaces or pods, you'll need to customize the filelog receiver configuration.
If you are running the OpenTelemetry Collector as a Docker container, you need to mount the log file from your host machine into the container.
1. Edit Configuration File
Add the filelog receiver to the receivers section of your otel-collector-config.yaml:
receivers:
filelog:
include: [/tmp/app.log] # Path inside the container
start_at: end
2. Enable in Pipeline
Add the filelog receiver to your logs pipeline in the service section:
service:
pipelines:
logs:
receivers: [otlp, filelog] # Add filelog here
processors: [batch]
exporters: [otlp]
3. Run Collector with Mounts
Run the collector container, mounting your host log file (e.g., ~/logs/app.log) to the expected path inside the container (e.g., /tmp/app.log).
docker run -d \
--name signoz-otel-collector \
-v ~/logs/app.log:/tmp/app.log:ro \
-v $(pwd)/otel-collector-config.yaml:/etc/otel/config.yaml \
otel/opentelemetry-collector-contrib:latest \
--config /etc/otel/config.yaml
For production deployments, pin to a specific version tag instead of latest to ensure consistency. Check the releases page for available versions.
For more examples, see the Collect Docker Logs doc.
1. Install OpenTelemetry Collector
Follow this guide to install the OpenTelemetry Collector on Windows.
2. Edit Configuration File
Locate your OpenTelemetry Collector configuration file (e.g., C:\ProgramData\OpenTelemetry Collector\config.yaml).
Add the filelog receiver to the receivers section, ensuring you use valid Windows paths (escape backslashes):
receivers:
filelog/app:
include: ["C:/Logs/app.log"]
start_at: end
3. Enable in Pipeline
Add the filelog receiver to your logs pipeline:
service:
pipelines:
logs:
receivers: [otlp, filelog/app]
processors: [batch]
exporters: [otlp]
4. Restart Service
Restart the OpenTelemetry Collector service via PowerShell:
Restart-Service opentelemetry-collector
Validate Logs
Once configured and restarted, generate some new logs in your file:
echo "Testing SigNoz filelog receiver $(date)" >> /tmp/app.log
echo "2026-01-12T12:00:00.000Z INFO [test] Manual log entry for verification" >> /tmp/app.log
echo "2026-01-12T12:00:01.500Z INFO [test] Manual log entry for verification" >> /tmp/app.log
echo "2026-01-12T12:00:02.100Z INFO [test] Manual log entry for verification" >> /tmp/app.log
echo "2026-01-12T12:00:03.200Z INFO [test] Manual log entry for verification" >> /tmp/app.log
For Windows, use PowerShell:
Add-Content -Path "C:\Logs\app.log" -Value "Testing SigNoz filelog receiver $(Get-Date)"
Add-Content -Path "C:\Logs\app.log" -Value "2026-01-12T12:00:00.000Z INFO [test] Manual log entry for verification"
Go to the SigNoz UI -> Logs tab. You should see your new log entries appearing.
Troubleshooting
Logs not appearing in SigNoz
- Check File Permissions: Ensure the OpenTelemetry Collector user has read permissions for the log file. On Linux, the collector usually runs as
otelorroot.ls -l /tmp/app.log # Adjust permissions if necessary chmod 644 /tmp/app.log - Verify Path: Double-check the path in the
includeconfig. For glob patterns (e.g.*.log), ensure it matches the actual files. - Check
start_atSetting: If you setstart_at: end(default), the collector only reads new lines written after the collector starts. To see existing lines, change tostart_at: beginningand restart the collector. - Check Collector Logs: Look at the OTel Collector's own logs for errors (e.g. "permission denied", "no files found").
# For systemd journalctl -u otel-collector -f # For Docker docker logs signoz-otel-collector
Advanced Configuration
Next Steps
- Querying Logs: Learn how to filter and query your logs.
- Create Alerts: Set up alerts based on log content.
Get Help
If you need help with the steps in this topic, please reach out to us on SigNoz Community Slack.
If you are a SigNoz Cloud user, please use in product chat support located at the bottom right corner of your SigNoz instance or contact us at cloud-support@signoz.io.
