It really depends on whether you have any centralised logging and alerting software that you need to comply with as part of your operational run support (i.e who will be notified if something bad happens, how will that notification be ‘triaged’ from the information available, who will a problem be escalated to, and so on …).
At the most simple level you can configure the docker daemon with a specific logging driver (if there’s one that meets your need). For example, if you use Splunk, it’s easy to configure docker to emit log streams thru that driver which you then hook up either to an event forwarder or file watcher. Rancher is also just a bunch of docker containers so Rancher logs can go the same route. One area that isn’t covered AFAIK is the Rancher audit logs which might be important to your security folk, but in that case you can call the Rancher API periodically and suck those out and forward them on (simplifying here for brevity).
If you want to do more than just output to sys-out, then your app will likely need to include code to push events to a defined logging endpoint. In your case you are sending to a file, so any logging tool that can watch that directory would work, although tbh I’m not a great fan of file based logging especially in a world where statelessness is desirable and you clearly can’t be certain where you app is running and for how long (everything is ephemeral in the docker world). It also tends to introduce a security vulnerability. Better to use a secure network endpoint imho.