Building DockLog: A High-Performance Multi-User Docker Log Viewer

In modern DevOps environments, visibility into containerized applications is everything. While tools like docker logs are great for local development, they quickly fall short when managing production clusters with multiple team members. That's why we built DockLog — a premium, high-performance Docker log viewer designed for teams that demand speed, security, and a beautiful interface.

Most existing Docker log viewers are either too heavy, lack granular access control, or look like they were built in the 90s. We wanted something that felt like a state-of-the-art SaaS product but ran as a lightweight single binary on your own infrastructure. DockLog solves three main problems:

• Security: Multi-user support with forced password changes on first login.
• Granularity: The ability to restrict users to specific containers using wildcards (e.g., api-*).
• Reliability: Self-healing log streams that automatically reconnect if the network drops.

🎨 Premium "Compact-Airy" UI

Built with Vue 3 and custom Vanilla CSS, DockLog features a glassmorphic dark-mode interface. It uses smart truncation and micro-animations to ensure that even with hundreds of containers, the experience remains fluid and clutter-free.

🔐 Advanced RBAC (Role-Based Access Control)

Administrators can assign specific container visibility to staff members using Wildcards or Regex. A developer might only see containers matching frontend-*, while a database admin sees *-db. You can also toggle rights for Starting, Stopping, and Deleting containers per user.

⚡ Self-Healing Real-Time Monitoring

DockLog uses WebSockets for zero-latency log streaming. We implemented a robust "self-healing" mechanism — if your internet drops or the server restarts, the log viewer automatically reconnects and resumes streaming without manual intervention.

🛡️ How RBAC Works Under the Hood

DockLog doesn't just hide buttons in the UI; it enforces security at the API level through a two-layer protection system:

• Pattern Matching Engine: When a user logs in, the Go backend translates simple wildcard patterns (like backend*) into strict regular expressions. This ensures users only see containers they are authorized to monitor.
• Action Authorization: Every action — Start, Stop, Restart, or Remove — is verified against the user's specific rights. Even if a user can see a container, they cannot interact with it unless explicitly granted permission.
• Audit Traceability: Every administrative change and container interaction is recorded in a centralized Audit Log, providing a full paper trail for compliance and security.

Technical Architecture

DockLog is built for performance and a tiny footprint:

• Backend: Go (Echo Framework) for lightning-fast execution and native Docker SDK integration.
• Frontend: Vue.js 3 with Vite for a reactive, modern SPA experience.
• Database: SQLite for simple, serverless storage of users and audit logs.
• Deployment: A single Docker image (or binary) that embeds the entire frontend.

Getting Started

You can deploy DockLog in seconds using Docker Compose:

services:
  docklog:
    image: aimldev/docklog:latest
    ports:
      - "8888:8000"
    environment:
      - SECRET_KEY=your-secure-key
      - DB_PATH=/app/data/docklog.db
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - ./data:/app/data

Once running, head to localhost:8888 and log in with the default admin credentials.

Final Thoughts

DockLog started as a tool to solve our own team's frustrations, but it has evolved into a robust platform for any team running Docker. By combining the performance of Go with the elegance of modern web design, DockLog makes container monitoring not just productive, but enjoyable.

Check out the project on Docker Hub: aimldev/docklog
Explore the source code, open issues, or contribute improvements on GitHub: Team-AI-ML/docklog