Basics

Domains & Origins

Configuration

Caching

Conditions

Custom VCL

Dictionaries

Domains & Origins

Headers

Image optimization

About Fastly Image Optimizer

Load balancing

Performance

Purging

Requests

Responses

Video

Security

Access Control Lists

Securing communications

Security measures

TLS

Web Application Firewall

Legacy Web Application Firewall

Integrations

Logging endpoints

Non-Fastly services

Diagnostics

Common errors

Debugging techniques

Streaming logs

Account info

Account management

Billing

User access and control

Reference

Changing where log files are written

Last updated October 23, 2019

For supported logging endpoints that write files to remote services, Fastly uses a combination of factors to ensure log files aren't overwritten, including:

Using the file creation timestamp.
Generating a unique ID.
If a file with the same timestamp and UID combination exists, incrementing a counter and adding that to the end of the filename.

To change where log files are written, you can modify the path and timestamp_format variables on select endpoints. The logging system combines the path, timestamp_format, and uid variables to create the file name:

<path><timestamp>-<uid>.log<suffixes>

This guide explains how to use the path and timestamp_format variables to control where log files are written.

Timestamp format

You may want to consider changing the timestamp format to remove characters from the log filenames. For example, if you're working with Elastic MapReduce, you might need to remove the colons in the filename.

The timestamp_format variable is provided as a strftime compatible format. The default format is ISO 8601 Combined Date/Time Format:

%Y-%m-%dT%H:%M:%S.000

The variables are expanded when the file is created. For example, %Y will be replaced by the current year and %m by the current month number:

<year>-<2 digit month number>-<2 digit day number>T<hour>:<minute>:<second>

The timestamp for a file created at midnight on January 1st, 1970 would be 1970-01-01T00:00:00.000.

Path

The path variable acts differently depending on whether or not it ends in a trailing /.

If the variable does end in a trailing /, then it's treated as a directory. For example, if the variable is set to my_logs/, the files are written in the directory my_logs. If the variable is set to my_logs without the trailing /, the files are written in the top-level directory and are prefixed with my_logs.

The two approaches can also be combined. For example, if the variable is set to my_logs/foo, the files are written in the my_logs directory and are prefixed with foo.

Logs can also be nested. For example, if the variable is set to my_logs/sub_logs/, the files are written in the sub_logs directory in the my_logs directory.

TIP: The path can also be a strftime compatible string. For example, if the variable is set to %Y/%m/%d, the files are written to a directory based on the year, month, and date.

Directories are created automatically when possible.

Suffixes

Fastly's logging system automatically adds suffixes to files as appropriate.

Suffix	File type
.log	Plain log file
.log.gz	Gzipped log file
.log.gpg	PGP encrypted log file
.log.gz.gpg	PGP encrypted, Gzipped log file