Log Security

The IONOS Logging Service is a versatile and accessible platform that allows you to conveniently store and manage logs from various sources. Whether it's logs generated within the IONOS infrastructure, your own bare metal system, or even from another cloud environment, this platform provides a seamless solution for log aggregation. With its flexibility, you can effortlessly push logs from anywhere, ensuring comprehensive log monitoring and analysis.

All types of communications to push logs (HTTP and TCP) are protected by the following two mechanisms:

• TLS (Transport Layer Security)

• KEY

  • HTTP: APIKEY Header

  • TCP: SharedKey

The Key brings an extra layer of security with which you can revoke or regenerate the existing key.

TCP (FluentBit)

When using TCP/TLS, you have to enable tls and provide a Shared_key (key) in the FluentBit configuration. The key can be obtained via our REST API (ShareOnce Policy)

[OUTPUT]
    Name            forward
    Match           *
    Port            9000
    Tag             <TAG>
    Host            <TCP_ENDPOINT>
    tls             on
    Shared_Key      <KEY>

HTTP (cURL)

If you are planning to use HTTP (JSON), you should provide the key in the header alongside your account email address:

curl -X "POST" "https://12be6dbe134f-logs.3b0b424eb27f.logging.de-txl.ionos.com/myhttp" \
     -H 'Content-Type: application/json' \
     -H 'APIKEY: <KEY>' \
     -d $'{
  "status": "Ready",
  "ts": 1580306777.04728,
  "pod": {
    "name": "Example Name",
    "namespace": "data"
  },
  "msg": "Pod status updated",
  "level": "error",
  "label_1": "test label"
}'

HTTP (FluentBit)

This is an equivalent example of configuring FluentBit with HTTP outbound:

[OUTPUT]
    Name            http
    Match           *
    Host            <HTTPS_ENDPOINT>
    URI             /<TAG>
    Format          json
    Header          APIKEY <KEY>
    tls             on
    Port            443