Log streaming: Logentries

      Last updated December 07, 2020

    Fastly's Real-Time Log Streaming feature can send log files to Logentries. Logentries is a real-time log management and analytics system that you can use to monitor your Fastly logs.

    One-click Logentries account setup

    Fastly has partnered with Logentries to offer you a method for automatically creating a Logentries account and configuring a logging endpoint. By using the Logentries one-click integration, you can create a 30 day trial Logentries account with unlimited data. After 30 days, if you don't upgrade to one of the Logentries premium plans, your account will be capped at 5GB per month.

    Follow these instructions to create a Logentries logging endpoint and configure the logging endpoint:

    1. Log in to the Fastly web interface and click the Configure link.
    2. From the All services page, select the appropriate service. You can use the search box to search by ID, name, or domain.
    3. Click the Edit configuration button and then select the option to clone the active version. The Domains page appears.
    4. Click the Logging link. The Logging endpoints page appears. If you have an existing logging endpoint, click the Create endpoint button.

      the Logentries One-click set up box

    5. In the Logentries One-click setup box, click the Create Account button. The Logentries log is automatically created.
    6. Click the Activate button to deploy your configuration changes.

    Accessing your Logentries account

    If you created a Logentries account using the one-click integration, you must access your Logentries account from the Fastly web application. Follow these instructions to log in to Logentries:

    1. Log in to the Fastly web interface.
    2. From the All services page, select the appropriate service. You can use the search box to search by ID, name, or domain.
    3. Click the Edit configuration button and then select the option to clone the active version. The Domains page appears.
    4. Click the Logging link. The Logging endpoints page appears.

      the Logentries log view link

    5. Click the Logentries log view link to access your Logentries account dashboard.

    Manually adding Logentries as a logging endpoint

    If you already have a Logentries account, or if you'd prefer to sign up for a Logentries account on the Logentries website, you can manually add Logentries as a logging endpoint in the Fastly web interface.

    Prerequisites

    1. Register for a Logentries account.
    2. Create a new log in the Logentries application by following the instructions on the Logentries website
    3. During new log creation, select Manual Configuration and Token TCP.
    4. Make a note of the token provided in the Logentries configuration panel. We recommend you use this token when you create the Logentries logging endpoint for Fastly services.

    Creating the logging endpoint in the web interface

    After you've created a new log in Logentries and found the token, follow these instructions to add Logentries as a logging endpoint for Fastly services:

    1. Review the information in our Setting Up Remote Log Streaming guide.
    2. Click the Logentries by Rapid7 Create endpoint button. The Create a Logentries endpoint page appears.

      the create a Logentries page

    3. Fill out the Create a Logentries endpoint fields as follows:
      • In the Name field, enter a human-readable name for the endpoint.
      • In the Log format field, optionally enter an Apache-style string or VCL variables to use for log formatting. The Apache Common Log format string appears in this field by default. Our discussion of format strings provides more information.
      • In the Token field, type the token provided in the Logentries configuration panel.
      • From the Region menu, select the region to stream logs to.
    4. Click the Advanced options link of the Create a Logentries endpoint page and decide which of the optional fields to change, if any.

      the advanced options on the create a Logentries endpoint page

    5. Fill out the Advanced options of the Create a Logentries endpoint page as follows:
      • From the TLS menu, optionally select Yes.
      • In the Placement area, select where the logging call should be placed in the generated VCL. Valid values are Format Version Default, None, and waf_debug (waf_debug_log). Selecting None creates a logging object that can only be used in custom VCL. See our guide on WAF logging for more information about waf_debug_log.
    6. Click the Create button to create the new logging endpoint.
    7. Click the Activate button to deploy your configuration changes.

    Next steps

    Logentries maintains the Fastly Community Pack that leverages custom VCL to provide advanced User-Agent statistics, regional statistics, error tracking, and more.

    Back to Top