Suggest Edits

/logs/ingest

Posting to /logs/ingest will send your log statements to the LogDNA log viewer

 

Query Auth

 Authentication is required for this endpoint.
posthttps://logs.logdna.com/logs/ingest?hostname=hostname&mac=mac&ip=ip&now=now
curl "https://logs.logdna.com/logs/ingest?hostname=EXAMPLE_HOST&mac=C0:FF:EE:C0:FF:EE&ip=10.0.1.101&now=$(date +%s)" \
-u INSERT_INGESTION_KEY: \
-H "Content-Type: application/json; charset=UTF-8" \
-d \
'{ 
   "lines": [ 
     { 
       "line":"This is an awesome log statement", 
       "app":"myapp",
       "level": "INFO",
       "env": "production",
       "meta": {
         "customfield": {
           "nestedfield": "nestedvalue"
         }
       }
     }
   ] 
}'
A binary file was returned

You couldn't be authenticated

{ "status": "ok" }
{ "error": "Bad or missing parameters.", "code": "BadRequest", "status": "error" }
{ "error": "Missing param hostname." }
{ "error": "Missing Credentials" }
{ "error": "Account not found or inactive" }

Query Params

hostname
string

Required: The hostname of the source

mac
string

Optional: The network mac address of the host computer

ip
string

Optional: The local IP address of the host computer

now
date-time

Recommended: The source unix timestamp in milliseconds at the time of the request. Used to calculate time drift.

tags
string

Optional: Tags used to dynamically group hosts

Body Params

json

An array of line objects: { "lines": [ {"line":"my log line", "level:"info"} ] }

 

Post it

  1. Click the Test in the API Explorer button at the bottom of the page
  2. Hit the green key icon and enter your LogDNA Ingestion Key
  3. Copy and paste the example JSON below into the Body Content text field. Be sure to replace INSERT_UNIX_TIMESTAMP with the unix timestamp of the log line, preferably in milliseconds. Then click the green Try It! button.

If you sign in to the LogDNA log viewer, you'll now see the log line "This is an awesome log statement" live in the log viewer!

{ 
  "lines": [ 
    { 
      "timestamp": INSERT_UNIX_TIMESTAMP, 
      "line":"This is an awesome log statement", 
      "app":"myapp",
      "level": "INFO",
      "meta": {
        "customfield": {
          "nestedfield": "nestedvalue"
        }
      }
    }
  ] 
}

Curl it

If you like the good 'ol fashioned terminal, you can use the curl statement instead, but be sure to replace INSERT_INGESTION_KEY with your LogDNA Ingestion Key and INSERT_UNIX_TIMESTAMP with the timestamp of the log line, preferably in milliseconds.

Tweak it

In addition to basic auth, we also support an HTTP query string with the format, &apikey=your-ingestion-key as well as a header token with the format apikey:your-ingestion-key. While we appreciate thoroughness, please do not use more than one method of authentication per request! There is also a maximum payload size of 10 MB.

Metadata

Meta is a field reserved for custom information associated with a log line. To add metadata to an API call, specify the meta field under the lines object. Metadata can be viewed inside that line's context.

WARNING: If inconsistent value types are used, that line's metadata, will not be parsed. For example, if a line is passed with a meta object, such as meta.myfield of type String, any subsequent lines with meta.myfield must have a String as the value type for meta.myfield.

Suggest Edits

/v1/export

Export log lines in JSONL format. Before using the API, be sure to generate a Service Key first.

 

Basic Auth

 Authentication is required for this endpoint.
gethttps://api.logdna.com/v1/export
curl "https://api.logdna.com/v1/export?to=$(date +%s)000&from=$(($(date +%s)-86400))000&levels=warn" \
-u INSERT_SERVICE_KEY:
A binary file was returned

You couldn't be authenticated

{"_logtype":"syslogline","_ingester":"agent","_ip":"40.121.203.183","pid":5573,"program":"docker","_host":"k8s-master-5A226838-0","logsource":"k8s-master-5A226838-0","_app":"syslog","_file":"/var/log/syslog","_line":"docker[5573]: I0411 00:18:39.644199    6124 conversion.go:134] failed to handle multiple devices for container. Skipping Filesystem stats","_ts":1491869920198,"timestamp":"2017-04-11T00:18:39.000Z","_id":"804760774821019649"}
{"_logtype":"syslogline","_ingester":"agent","_ip":"40.121.203.183","pid":5573,"program":"docker","_host":"k8s-master-5A226838-0","logsource":"k8s-master-5A226838-0","_app":"syslog","_file":"/var/log/syslog","_line":"docker[5573]: I0411 00:18:39.644167    6124 conversion.go:134] failed to handle multiple devices for container. Skipping Filesystem stats","_ts":1491869920198,"timestamp":"2017-04-11T00:18:39.000Z","_id":"804760774821019648"}
{"_logtype":"syslogline","_ingester":"agent","_ip":"40.121.203.183","pid":5573,"program":"docker","_host":"k8s-master-5A226838-0","logsource":"k8s-master-5A226838-0","_app":"syslog","_file":"/var/log/syslog","_line":"docker[5573]: I0411 00:18:37.053730    6124 operation_executor.go:917] MountVolume.SetUp succeeded for volume \"kubernetes.io/secret/6f322c04-e1d2-11e6-bca0-000d3a111245-default-token-swb07\" (spec.Name: \"default-token-swb07\") pod \"6f322c04-e1d2-11e6-bca0-000d3a111245\" (UID: \"6f322c04-e1d2-11e6-bca0-000d3a111245\").","_ts":1491869917193,"timestamp":"2017-04-11T00:18:37.000Z","_id":"804760762212941824"}
{"_logtype":"syslogline","_ingester":"agent","_ip":"40.121.203.183","pid":5573,"program":"docker","_host":"k8s-master-5A226838-0","logsource":"k8s-master-5A226838-0","_app":"syslog","_file":"/var/log/syslog","_line":"docker[5573]: I0411 00:18:34.637733    6124 kubelet_node_status.go:412] Using Node Hostname from cloudprovider: \"k8s-master-5a226838-0\"","_ts":1491869915251,"timestamp":"2017-04-11T00:18:34.000Z","_id":"804760753061380102"}
{"_logtype":"syslogline","_ingester":"agent","_ip":"40.121.203.183","pid":5573,"program":"docker","_host":"k8s-master-5A226838-0","logsource":"k8s-master-5A226838-0","_app":"syslog","_file":"/var/log/syslog","_line":"docker[5573]: I0411 00:18:29.574439    6124 conversion.go:134] failed to handle multiple devices for container. Skipping Filesystem stats","_ts":1491869910164,"timestamp":"2017-04-11T00:18:29.000Z","_id":"804760731720351745"}
{"_logtype":"syslogline","_ingester":"agent","_ip":"40.121.203.183","pid":5573,"program":"docker","_host":"k8s-master-5A226838-0","logsource":"k8s-master-5A226838-0","_app":"syslog","_file":"/var/log/syslog","_line":"docker[5573]: I0411 00:18:29.574415    6124 conversion.go:134] failed to handle multiple devices for container. Skipping Filesystem stats","_ts":1491869910164,"timestamp":"2017-04-11T00:18:29.000Z","_id":"804760731720351744"}

Query Params

from
int32

Required: Start time for logs to export, in Unix timestamp in seconds or milliseconds

to
int32

Required: End time for logs to export, in Unix timestamp in seconds or milliseconds

size
string

Optional: Number of results to return. Depends on your plan, but generally the max is 10,000.

hosts
string

Optional: comma separated list of hosts to filter by

apps
string

Optional: comma separated list of apps to filter by

levels
string

Optional: comma separated list of levels to filter by

query
string

Optional: search query. Same format as LogDNA's log viewer. See: https://docs.logdna.com/docs/search

prefer
string

Optional: head or tail. Defaults to tail. If total results was 654 lines, tail would return the last 100 lines and head would return the first 100 lines.

email
string

Optional: Specifies an email that the results will be sent to, by default results are streamed back.

emailSubject
string

Optional: Allows user to set the subject of the email