Configure Docker daemon log level


The Docker daemon supports five log levels: debug, info, warn, error, and fatal. It’s possible to inspect those logs through jornalctl with:

sudo journalctl -u docker.service  (1)
# or
sudo journalctl -fu docker.service (2)
1 See all available logs
2 Follow the most recent log entries

Those log entries disclose information about the Docker engine itself, not about the containers running at the server. Hence it shows information that may be useful to troubleshoot problems about container execution in general, but won’t be helpful to analyze the behavior of a containerized app.

Why picking the right log level matters

A verbose logging level is useful to debug an app’s unexpected behavior, but it can get in the way of day-to-day production usage. Having more log messages than necessary increases disk usage and adds noise to your overall log entries, this makes it harder to spot important log messages. If your server forwards logs to a Log Management software, the usage and noise issues could be propagated there as well.

In the Docker engine, the debug level log outputs commands used to manipulate iptables rules, mounted volumes events and information, API routes registration, Docker network events, containers lifecycle management events, and more.

Unless you’re debugging Docker itself, you should not run Docker daemon at debug log level.

How to configure the Docker daemon log level

You need to add a configuration to the daemon configuration file.

Edit the file /etc/docker/daemon.json, create it if it doesn’t exist yet.

Use the JSON shown below:

  "log-level": "info"
Make sure this file contains valid JSON before restarting the service. To validate with jq run jq empty /etc/docker/daemon.json.

Then restart the Docker daemon:

sudo systemctl restart docker