Visualizing Your Traefik Logs: Deploying the Traefik Log Dashboard with the Pangolin Stack

OddMagnet · September 4, 2025, 1:00pm

The MaxMind updater didn’t work for me, so I did some digging and found that they have their own updater, even as a docker container.

Using this instead of the script from the guide worked for me:

  geoipupdate:
    container_name: geoipupdate
    image: ghcr.io/maxmind/geoipupdate
    restart: unless-stopped
    volumes:
      - ./config/maxmind:/usr/share/GeoIP
    environment:
      - GEOIPUPDATE_ACCOUNT_ID=YOUR_ID_HERE
      - GEOIPUPDATE_LICENSE_KEY=YOUR_KEY_HERE
      - GEOIPUPDATE_EDITION_IDS=GeoLite2-ASN GeoLite2-City GeoLite2-Country
      - GEOIPUPDATE_FREQUENCY=72

This also has the bonus of updating automatically (every 3 days in my example)

OddMagnet · September 4, 2025, 1:10pm

Top Requested Routers / Addresses / Hosts are empty for me though.

My trafing_config.yml is pretty much the default for a new Pangolin installation.

I’m wondering if I need to change something in my access_log entry to see them in the dashboard:

accessLog:
    bufferingSize: 100
    fields:
        defaultMode: drop
        headers:
            defaultMode: drop
            names:
                Authorization: redact
                Content-Type: keep
                Cookie: redact
                User-Agent: keep
                X-Forwarded-For: keep
                X-Forwarded-Proto: keep
                X-Real-Ip: keep
        names:
            ClientAddr: keep
            ClientHost: keep
            DownstreamContentSize: keep
            DownstreamStatus: keep
            Duration: keep
            RequestMethod: keep
            RequestPath: keep
            RequestProtocol: keep
            RetryAttempts: keep
            ServiceName: keep
            StartUTC: keep
            TLSCipher: keep
            TLSVersion: keep
    filePath: /var/log/traefik/access.log
    filters:
        minDuration: 100ms
        retryAttempts: true
        statusCodes:
            - 200-299
            - 400-499
            - 500-599
    format: json

hhf.technoloy · September 5, 2025, 9:32am

start with basic and then expand

# ./config/traefik/traefik_config.yml

log:
  level: INFO
  filePath: "/var/log/traefik/traefik.log"

accessLog:
  filePath: "/var/log/traefik/access.log"
  format: json # <-- Essential for dashboard parsing
  fields:
    defaultMode: keep
    headers:
      defaultMode: keep
      names:
        User-Agent: keep
        Authorization: drop

OddMagnet · September 5, 2025, 5:47pm

Figured as much. I’m not sure about the performance impact, so for now I’ll just leave it at keeping everything.

I’ve looked at the code and was able to find the place where Logs are parsed, so I could just use that if I need to reduce the amount of stuff that’s being written into the logs if needed in the future

hhf.technoloy · September 5, 2025, 5:51pm

coming up with a merged version soon (backend and frontend). faster and more optimized

Akhenaten · September 16, 2025, 6:38am

Any way to password protect this dashboard?

po_tato · September 16, 2025, 5:18pm

You can use Pangolin SSO.