Log Security

The Logging Service is a versatile and accessible platform that allows you to conveniently store and manage logs from various sources. This platform offers a seamless log aggregation solution for logs generated within the IONOS infrastructure, by your bare metal system, or another cloud environment. With its flexibility, you can effortlessly push logs from anywhere, ensuring comprehensive log monitoring and analysis.

The following two encryption mechanisms safeguard all HTTP or TCP communications that push logs:

• TLS (Transport Layer Security)

• KEY

  • If using HTTP, then the APIKEY must be specified in the header.

  • If using TCP, specify the Shared_Key.

The key brings an extra layer of security with which you can revoke or regenerate the existing key.

TCP (Fluent Bit)

When using TCP or TLS, you must enable tls and provide a Shared_Key in the Fluent Bit configuration. The key can be obtained via our REST API. For more information, see Obtain a new Key.

[OUTPUT]
    Name            forward
    Match           *
    Port            9000
    Tag             <TAG>
    Host            <TCP_ENDPOINT>
    tls             on
    Shared_Key      <KEY>

HTTP (cURL)

If using HTTP (JSON), provide the key in the header as shown in the following example:

curl --location \ 
--request POST 'https://12be6dbe134f-logs.3b0b424eb27f.logging.de-txl.ionos.com/myhttp' \
--header 'Content-Type: application/json' \
--header 'APIKEY: <KEY>' \
--data '{
    "status": "Ready",
    "ts": 1580306777.04728,
    "pod": {
        "name": "Example Name",
        "namespace": "data"
    },
    "msg": "Pod status updated",
    "level": "error",
    "label_1": "test label"
}'

HTTP (Fluent Bit)

This is an equivalent example of configuring Fluent Bit with HTTP outbound:

[OUTPUT]
    Name            http
    Match           *
    Host            <HTTPS_ENDPOINT>
    URI             /<TAG>
    Format          json
    Header          APIKEY <KEY>
    tls             on
    Port            443