Embedded Views

Learn how to embed views in LogDNA to allow users outside of your organization to view a specific portion of your logs for easy log monitoring, analysis, and problem shooting.

Overview

Embedding a view allows users outside of your LogDNA organization to view a specific portion of your logs. You can embed views to showcase your product, create custom internal dashboards, or even provide user-specific event logs to your customers.

How it works

Each view you create inside LogDNA can be configured to be embeddable. As part of the embed options, you can choose to mirror that view exactly, or allow it to accept a refined query that you can specify from your web page.

For example, if Susie logs into your website, you could show Susie logs only related to her activity by passing her user identifier as a refined query. Once the embed options are set, we automatically generate the embed code for you to copy and paste into your website.

Getting started

As a prerequisite, you must whitelist your website domain to authorize hosting your embedded view. You can add your domain to the whitelist on the Manage Account Profile page in the LogDNA web app.

Embedded views first require creating a view inside LogDNA. After the view is created, click on the view drop-down in the top left and select Embed this View. This will open a pane prompting you to to choose whether to use a static or dynamic embedded view.

Static vs dynamic

A static embed only shows log lines from the view and it will not accept any query refinement made from the web page using the embed. This is useful for showing the view's logs to other users outside of your LogDNA organization.

A dynamic embed only shows a subset of log lines from the view that match a refined query. This is useful for showing a specific subset of the view's logs to a particular user or group of users outside of your LogDNA organization.

Important considerations to keep in mind when choosing a static or dynamic embed are displayed in the table below.

Static
Dynamic

Behavior

Mirrors view exactly

Shows a subset of lines matching a refined query

Effort

No server-side work required

Server-side work required

Security

Basic CORS security

CORS and HMAC validation

Embed code

Once you have chosen an embed type, the last step is to copy the embed code into your website. For static embeds, this process is as easy as copying and pasting the generated snippet in the configuration pane. However, for dynamic embeds, you will also need to use server-side code to securely perform query refinement.

Query refinement (dynamic only)

If you selected the dynamic embed option, a query parameter is required for the embedded view. The query parameter for a dynamic embed is identical to a search query in the web app. For security reasons, it is not possible to show a dynamic embed without a query parameter to refine the embedded view's contents.

For security, the query parameter MUST be hashed via HMAC-SHA256. This requires a shared secret, which you can specify or generate in the configuration pane. For hashing, we allow two different methods to generate a signature: a traditional query string based HMAC signature, and JSON Web Token (JWT).

Query string

The query string is your refined query for the embed, which is then hashed using the HMAC-SHA256 algorithm. Example code snippets in a few popular languages are available below.

import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import javax.xml.bind.DatatypeConverter;

String secret = "secret";
String query = "query";

try {
    Mac sha256_HMAC = Mac.getInstance("HmacSHA256");
    SecretKeySpec secret_key = new SecretKeySpec(secret.getBytes(), "HmacSHA256");
    sha256_HMAC.init(secret_key);
    String signature = DatatypeConverter.printHexBinary(sha256_HMAC.doFinal(query.getBytes()));
} catch (Exception e){
  //Catch exceptions
}
var crypto = require('crypto')
  , query = 'query'
  , secret = 'secret'
  , signature;

signature = crypto.createHmac('sha256', secret).update(query).digest('hex');
$signature = hash_hmac('sha256', 'query', 'secret');
import hashlib
import hmac

query = bytes("query").encode('utf-8')
secret = bytes("secret").encode('utf-8')

signature = hmac.new(secret, query, digestmod=hashlib.sha256).hexdigest()
require 'openssl'

signature = OpenSSL::HMAC.hexdigest('sha256', "secret", "query")

JSON Web Token (JWT)

JWT is a JSON-based open standard used to create access tokens that can securely assert a particular claim. In this case, the claim is q, the query parameter, which contains your refined query for the embed. Example code snippets in a few popular languages are available below.

// Library documentation: https://github.com/auth0/java-jwt
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.JWTCreationException;
import com.auth0.jwt.JWT;
import java.io.UnsupportedEncodingException

String secret ="secret";
String query = "query";
  
try {
    Algorithm algorithm = Algorithm.HMAC256("secret");
    String token = JWT.create()
			.withClaim("q", query)
      .sign(algorithm);
} catch (UnsupportedEncodingException exception) {
    //UTF-8 encoding not supported
} catch (JWTCreationException exception) {
    //Invalid Signing configuration
}
// Library documentation: https://www.npmjs.com/package/jsonwebtoken
var jwt = require('jsonwebtoken')
	, secret = 'secret'
  , signature;

signature = jwt.sign({ q: 'query' }, secret);
<?php
// Library documentation: https://github.com/firebase/php-jwt
use \Firebase\JWT\JWT;

$query = "query";
$secret = "secret";

$signature = JWT::encode(array("q" => $query), $secret, array('HS256'));
# Library documentation: https://github.com/jpadilla/pyjwt/
import jwt

secret = 'secret'
query = 'query'

signature = jwt.encode({'q': query}, secret, algorithm='HS256')
# Library documentation: https://github.com/jwt/ruby-jwt
require 'jwt'

query = 'query'
secret = 'secret'

signature = JWT.encode {:q => query}, secret, 'HS256'

Embedded Views

Learn how to embed views in LogDNA to allow users outside of your organization to view a specific portion of your logs for easy log monitoring, analysis, and problem shooting.