Getting Started with Docker

Seq's Linux-based Docker image is ideal for deployment to Linux hosts and container orchestrators, and for local development on Linux or macOS.

Seq is distributed as an officially supported datalust/seq container image on Docker Hub and as datalust/seq on the Amazon ECR Public Gallery.

You can run the container with docker or podman on Linux, or using Docker Desktop for macOS.


Kubernetes support

Seq also has a basic Helm chart for simplifying deployments in Kubernetes. See the Kubernetes deployment docs for more details.

Running Seq in a Docker container

PH=$(echo '<password>' | docker run --rm -i datalust/seq config hash)

mkdir -p <local path to store data>

docker run \
  --name seq \
  -d \
  --restart unless-stopped \
  -v <local path to store data>:/data \
  -p 5341:80 \

This will start a Seq instance with:

  • --name seq to be able to run commands using the container name, e.g. docker stop seq
  • -d run in daemon mode (in the background), omit this argument to see container logs in stdout
  • --restart unless-stopped always restart the Seq docker container if it stops, except when you run docker stop seq
  • -e ACCEPT_EULA=Y to run Seq, you must accept the End User License Agreement
  • -e SEQ_FIRSTRUN_ADMINPASSWORDHASH="$PH" to set an initial password for the admin user account; replace <password> with your desired password; the first line above stores a cryptographic hash of the password into the environment variable $PH (bash syntax)
  • -v <local path to store data>:/data mounts <local path to store data> on the host machine to /data on the docker container - this is where Seq stores all its configuration and log files. Storing Seq data outside of the container means that Seq's log data and metadata persist beyond the life of the container, and don't increase the size of the docker container.
  • -p 5341:80 map the host's localhost:5341 to Seq UI and API (port 80). We recommend exposing the ingestion-only port separately.

The container can be stopped and started using the docker stop seq and docker start seq commands, respectively.

After running the command above, browse the Seq UI at http://localhost:5341.


The Seq web UI, showing a search bar and a list of most recent events in descending order.

Persistent volumes

The Seq Docker container stores configuration and log events in its /data directory. For this directory to survive container restarts, it needs to be mapped to a persistent volume using -v on the command-line, as in the example above.

Seq is a database; the volume provided to it should be equivalent to local disk storage, for example an Azure Disks VHD or an AWS EBS volume.

Only one running Seq container can access a storage volume concurrently: it's not possible to run two or more container instances pointing to the same storage.


Azure Files volumes

When running Seq on Microsoft Azure, only Azure Disks volumes (mounted VHDs) are recommended for persistent storage.

Azure Premium Files is not compatible with Seq.

Enabling authentication

If you specified an initial password for the admin account on the docker run command-line, authentication will already be enabled.

If not, your next step should be visiting Settings > Users and enabling authentication.

Ingesting events

Using logging and tracing libraries

Before you can benefit from Seq, your applications need to be configured to send events through one of the supported libraries.

  • Using Serilog - Serilog is a modern logging library for the .NET platform with deep support for structured event data. With the addition of SerilogTracing it can also produce traces.
  • Using ASP.NET Core - the Microsoft.Extensions.Logging library included in ASP.NET Core works well with Seq.
  • Using OpenTelemetry - OpenTelemetry provides logging and tracing client libraries for all major programming languages.
  • Using Node.js - on Node.js, we support the Pino, Winston, and Bunyan logging libraries.

Seq integrates with a range of languages, libraries and frameworks, and has a simple HTTP API for receiving telemetry data. Learn more about getting logs into Seq.


If you're unsure where to start, we recommend Serilog.

Using CLI or HTTP

Your applications can also log events to Seq by tailing their output with the seqcli command-line client

./my-app | seqcli ingest

or posting JSON directly to Seq:

curl -XPOST "http://your-seq-host/api/events/raw?clef" \
  -d "{'@t':'2018-06-07T03:44:57.8532799Z','@mt':'Hello, {User}','User':'alice'}"

Containerized services can also forward their logs to Seq natively using Docker's GELF (Graylog extended log format) log driver.

Changing the default ingestion port

Containers can expose the limited ingestion port in addition to, or instead of, the API port. In the container the ingestion port is mapped to 5341:

docker run \
  -v $HOST_PATH_TO_SEQ:/data \
  -p $HOST_HTTP_PORT:80 \


  • $HOST_PATH_TO_SEQ is an absolute path on the container host for the Seq instance to use.
  • $HOST_INGESTION_PORT is a port on the host to expose the Seq ingestion endpoint on.

Running other Seq commands in a docker container

Any arguments specified after the datalust/seq:latest image in the docker run command will be passed as arguments to the Seq binary:

docker run \
  --rm \
  -v $HOST_PATH_TO_SEQ:/data \
  datalust/seq:latest version


  • $HOST_PATH_TO_SEQ is an absolute path on the container host for the Seq instance to use.

Container environment

File paths

Important file paths used by Seq in the container.

/dataLocation of Seq extents and logs


Important ports used by Seq in the container.

:80The port that Seq binds to the API and UI
:5341The port that Seq binds to the ingestion-only endpoint

Environment variables

Environment variables used by Seq in the container. For a full list of environment variables supported by the container, see the Server Configuration reference.

ACCEPT_EULAMust be set to Y to indicate acceptance of the Seq EULA
SEQ_API_CANONICALURIThe external URI that can be used to reach Seq outside of the container
SEQ_FIRSTRUN_ADMINUSERNAMEA username for the default administrator account, used only when the container is first initialized; the default is admin
SEQ_FIRSTRUN_ADMINPASSWORDHASHA salted, cryptographic hash of the default administrator password, used only when the container is first initialized; the default is to set no password; create the hash using docker run datalust/seq config hash and supply the password to STDIN

What's next?

Once your apps are happily sending events to Seq, you can:

Happy logging!