In this tutorial, we'll learn how to install and configure VictoriaLogs on Ubuntu 24.04.
What is VictoriaLogs?
VictoriaLogs is an open-source log storage database created for fast indexing and searching. It is lightweight, simple to deploy and works well as a centralized log system for servers, apps and containers. It stores logs efficiently and allows fast searching through LogSQL queries.
Prerequisites
Before we begin, ensure we have the following:
- An Ubuntu 24.04 dedicate server or KVM VPS.
- Basic Linux Command Line Knowledge.
Install and Configure VictoriaLogs on Ubuntu 24.04
Step 1: Update Server
Keep the server updated. Execute following command:
sudo apt update && sudo apt -y upgrade
Step 2: Create User and Folders
We create a separate user so VictoriaLogs runs safely.
sudo useradd --system --no-create-home --shell /usr/sbin/nologin victorialogs
sudo mkdir -p /opt/victorialogs /var/lib/victorialogs
sudo chown -R victorialogs:victorialogs /opt/victorialogs /var/lib/victorialogs
Step 3: Download VictoriaLogs
Replace version below if a newer one is available. Visit official Github repo to get the latest version.
cd /tmp
curl -LO https://github.com/VictoriaMetrics/VictoriaLogs/releases/download/v1.37.2/victoria-logs-linux-amd64-v1.37.2.tar.gz
tar xzf victoria-logs-linux-amd64-v1.37.2.tar.gz
sudo mv victoria-logs-linux-amd64-v1.37.2/* /opt/victorialogs/
sudo chown -R victorialogs:victorialogs /opt/victorialogs
Step 4: Create Systemd Service
This helps VictoriaLogs auto-start on boot.
sudo nano /etc/systemd/system/victorialogs.service
Add:
[Unit]
Description=VictoriaLogs Service
After=network.target
[Service]
User=victorialogs
Group=victorialogs
ExecStart=/opt/victorialogs/victoria-logs-prod \
-storageDataPath=/var/lib/victorialogs \
-retentionPeriod=30d \
-httpListenAddr=:9428 \
-loggerFormat=json
Restart=on-failure
[Install]
WantedBy=multi-user.target
Enable and start:
sudo systemctl daemon-reload
sudo systemctl enable --now victorialogs
sudo systemctl status victorialogs
Step 5: Allow Access in Firewall (Optional)
sudo ufw allow 9428/tcp
If the server is public, it’s better to allow only our internal IPs instead of open access.
Step 6: Send Logs to VictoriaLogs
There are many ways to send logs. Here is a simple one using Rsyslog:
Enable Rsyslog TCP Input
Edit file:
sudo nano /etc/rsyslog.conf
Add at the bottom:
*.* @@<SERVER-IP>:9428
Restart:
sudo systemctl restart rsyslog
This starts sending system logs to VictoriaLogs.
Step 7: Test if Logs Are Stored
Run this command:
curl -s http://localhost:9428/select/logsql/query -d 'query=*'
If logs appear, everything is working.
Step 8: Send Example Logs to VictoriaLogs
Run this:
curl -X POST "http://localhost:9428/insert/logs" -H "Content-Type: application/json" -d '{"service":"test-app","msg":"Hello from VL from locally","level":"info"}'
Now test again:
curl -s "http://localhost:9428/select/logsql/query" -d 'query=* | limit 5' | jq
Output similar to:
{
"_time": "2025-11-11T05:23:55.047849289Z",
"_stream_id": "0000000000000000e934a84adb05276890d7f7bfcadabe92",
"_stream": "{}",
"_msg": "missing _msg field; see https://docs.victoriametrics.com/victorialogs/keyconcepts/#message-field",
"level": "info",
"msg": "Hello from VL from locally",
"service": "test-app"
}
Step 9: Basic Log Query Examples
Get last 5 minutes of logs with keyword “error”:
curl -s http://localhost:9428/select/logsql/query -d 'query=_time:5m error'
Show only 20 latest logs:
curl -s http://localhost:9428/select/logsql/query -d 'query=* | limit 20'
Step 10: Optional – Connect to Grafana
If we want a visual UI to explore logs:
- Install Grafana
- Add VictoriaLogs as a data source
- Run log queries directly inside Grafana Explore
This gives us a clean dashboard to search logs.
Conclusion
We now have a fully working VictoriaLogs setup on Ubuntu 24.04. We installed it as a system service, enabled log ingestion and ran basic queries to verify everything works. This setup gives us a fast, modern and scalable way to store and search logs without heavy resource usage.
