»Command: monitor

The nomad monitor command streams log messages for a given agent.


nomad monitor [options]

The nomad monitor command can be used to stream the logs of a running Nomad agent. Monitor will follow logs and exit when interrupted or until the remote agent quits.

The power of the monitor command is that it allows you to log the agent at a relatively high log level (such as "warn"), but still access debug logs and watch the debug logs if necessary. The monitor command also allows you to specify a single client node id to follow.

When ACLs are enabled, this command requires a token with the agent:read capability.

»General Options

  • -address=<addr>: The address of the Nomad server. Overrides the NOMAD_ADDR environment variable if set. Defaults to

  • -region=<region>: The region of the Nomad server to forward commands to. Overrides the NOMAD_REGION environment variable if set. Defaults to the Agent's local region.

  • -no-color: Disables colored command output. Alternatively, NOMAD_CLI_NO_COLOR may be set.

  • -ca-cert=<path>: Path to a PEM encoded CA cert file to use to verify the Nomad server SSL certificate. Overrides the NOMAD_CACERT environment variable if set.

  • -ca-path=<path>: Path to a directory of PEM encoded CA cert files to verify the Nomad server SSL certificate. If both -ca-cert and -ca-path are specified, -ca-cert is used. Overrides the NOMAD_CAPATH environment variable if set.

  • -client-cert=<path>: Path to a PEM encoded client certificate for TLS authentication to the Nomad server. Must also specify -client-key. Overrides the NOMAD_CLIENT_CERT environment variable if set.

  • -client-key=<path>: Path to an unencrypted PEM encoded private key matching the client certificate from -client-cert. Overrides the NOMAD_CLIENT_KEY environment variable if set.

  • -tls-server-name=<value>: The server name to use as the SNI host when connecting via TLS. Overrides the NOMAD_TLS_SERVER_NAME environment variable if set.

  • -tls-skip-verify: Do not verify TLS certificate. This is highly not recommended. Verification will also be skipped if NOMAD_SKIP_VERIFY is set.

  • -token: The SecretID of an ACL token to use to authenticate API requests with. Overrides the NOMAD_TOKEN environment variable if set.

»Monitor Options

  • -log-level: The log level to use for log streaming. Defaults to info. Possible values include trace, debug, info, warn, error

  • -node-id: Specifies the client node-id to stream logs from. If no node-id is given the nomad server from the -address flag will be used.

  • -server-id: Specifies the nomad server id to stream logs from. Accepts server names from nomad server members and also a special leader option which will target the current leader.

  • -json: Stream logs in json format


$ nomad monitor -log-level=DEBUG -node-id=a57b2adb-1a30-2dda-8df0-25abb0881952
2019-11-04T12:22:08.528-0500 [DEBUG] http: request complete: method=GET path=/v1/agent/health?type=server duration=1.445739ms
2019-11-04T12:22:09.892-0500 [DEBUG] nomad: memberlist: Stream connection from=

$ nomad monitor -log-level=DEBUG -json=true
{"@level":"debug","@message":"request complete"...}