The Log Drains feature allows you to connect site traffic logs, function logs, and edge function logs from Netlify’s CDN to third-party monitoring services for analysis, alerting, and data persistence. Additionally, this feature allows you to connect deploy logs from our builds service.
Once you’ve configured a log drain for a site, Netlify batches the site’s log records from our CDN and build system and posts them to an endpoint in JSON/NDJSON format in near real-time. A configured external monitoring provider receives these records from the intake endpoint and makes them available for processing. You can drain the following data:
To set up a log drain, you must be a Netlify Team Owner and have an account and API key provisioned with an external monitoring provider. Netlify supports integration with:
Select the Log types to drain. You can drain your site’s traffic logs, function logs, edge function logs, and deploy logs.
Optional: add Traffic log filtering. If you’re draining traffic logs and don’t want client_ip and user_agent in the data, select Exclude personally identifiable information (PII).
Under Service settings, select the Region where your Datadog site is located.
Enter the unique API key for your logging service provider account. Verify that you are entering your API key instead of the Datadog application key.
Optional: add key/value pairs under Tags to tag your logs with certain attributes. These become query parameters in requests to the logs intake endpoint.
Available keys for Datadog:
Key
Tag Description
Example value
ddtag
tags associated with logs, grouped into a single list with the value ddtags
env:prod
service
name of the application or service generating the log events
Select the Log types to drain. You can drain your site’s traffic logs, function logs, edge function logs, and deploy logs.
Optional: add Traffic log filtering. If you’re draining traffic logs and don’t want client_ip and user_agent in the data, select Exclude personally identifiable information (PII).
Under Service settings, select the Region that applies to your New Relic account.
Enter a License API key, also called INGEST-LICENSE, for your New Relic account. Verify that you’re entering your License API key and not your License API key ID or user key.
Optional: to add a tag for your log drain, under Tags, enter the key and value. Then select Add tag. Any tags you add become query parameters in log drain requests to New Relic.
Example tags for New Relic:
Key
Value
Tag description
environment
production
environment type
service
mysubdomain
name of the application or service generating the log events
For guided help on optimizing your New Relic dashboard for your site’s logs, install the Netlify Logs quickstart on New Relic.
To configure a log drain that sends your site logs to Axiom:
On Axiom, go to Integrations.
Install Netlify’s Axiom integration, which opens a prompt to authorize the Axiom app to access Netlify on your behalf.
Once installed, you’re redirected to configure your Netlify integration on Axiom. Copy the Axiom integration token.
On Netlify, for your chosen site, go to
Logs > Log Drains
and select Enable a log drain.
Select Axiom as the Log drain service.
Select the Log types to drain. You can drain your site’s traffic logs, function logs, edge function logs, and deploy logs.
Optional: add Traffic log filtering. If you’re draining traffic logs and don’t want client_ip and user_agent in the data, select Exclude personally identifiable information (PII).
Under Service settings, paste the Integration token copied from Axiom.
To send your site’s log drains to Azure Monitor through the Netlify UI:
On Azure Monitor, from your log analytics workspace, go to
Settings > Agents
. Under the Log Analytics Agent Instructions dropdown, you’ll find the Workspace ID and Primary key you’ll need to enter into the Netlify UI.
On Netlify, for your chosen site, go to
Logs > Log Drains
. If this is your first log drain for your site, select Enable a log drain.
Select Azure as the Log drain service.
Select the Log types to drain. You can drain your site’s traffic logs, function logs, edge function logs, and deploy logs.
Optional: add Traffic log filtering. If you’re draining traffic logs and don’t want client_ip and user_agent in the data, select Exclude personally identifiable information (PII).
Under Service settings, enter your Azure Workspace ID and Primary key.
For security, Netlify hides the full HTTP Source Address in the Netlify UI. After you configure your log drain, only the base URL is visible in the Netlify UI.
On Netlify, for your selected site, go to
Logs > Log Drains
and select Enable a log drain.
Select Sumo Logic as the Log drain service.
Select the Log types to drain. You can drain your site’s traffic logs, function logs, edge function logs, and deploy logs.
Optional: add Traffic log filtering. If you’re draining traffic logs and don’t want client_ip and user_agent in the data, select Exclude personally identifiable information (PII).
Under Service settings, fill in the Full URL field using the HTTP Source Address you copied from Sumo Logic.
Select Splunk Observability Cloud as the Log drain service.
Select the Log types to drain. You can drain your site’s traffic logs, function logs, edge function logs, and deploy logs.
Optional: add Traffic log filtering. If you’re draining traffic logs and don’t want client_ip and user_agent in the data, select Exclude personally identifiable information (PII).
Under Service settings, enter the Realm from your Splunk Observability Cloud profile.
Enter the Access Token from your Splunk Observability Cloud settings.
Select the Log types to drain. You can drain your site’s traffic logs, function logs, edge function logs, and deploy logs.
Optional: add Traffic log filtering. If you’re draining traffic logs and don’t want client_ip and user_agent in the data, select Exclude personally identifiable information (PII).
Under Service settings, enter your Logflare Ingest API key.
To specify where you want your logs to go, enter the Logflare Source ID for your logs.
For cost control reasons, we recommend deleting logs after a period of 90 days. You can configure your Amazon S3 bucket to delete logs automatically by setting lifecycle rules.
Select the Log types to drain. You can drain your site’s traffic logs, function logs, edge function logs, and deploy logs.
Optional: add Traffic log filtering. If you’re draining traffic logs and don’t want client_ip and user_agent in the data, select Exclude personally identifiable information (PII).
Under Service settings, select the Bucket region where your bucket is located.
Enter your S3 Bucket name.
Optional: enter your S3 Bucket path. We recommend using YOUR_BUCKET_NAME/logs/netlify/. If no path is specified, the logs will be written to the root of the S3 bucket.
Select Verify bucket and connect.
Use the provided path to navigate to your S3 bucket’s verification file.
Copy and paste the contents of the file into the Verification token field, then select Verify.
Netlify’s General HTTP endpoint support allows you to set up a custom log drain with any external monitoring provider that accepts log drain requests in JSON or NDJSON format.
To set up a custom log drain, you must provide a full URL of your external monitoring provider’s endpoint. Depending on your external monitoring provider, you can enter your API key as a query parameter in your endpoint or you can enter an Authorization header in the Netlify UI.
For example, this URL includes an API key and a tag as query parameters:
For security, Netlify hides the full endpoint in the Netlify UI. After you configure your log drain, only the base URL is visible in the Netlify UI.
For your selected site, go to
Logs > Log Drains
and select Enable a log drain.
Select General HTTP endpoint as the Log drain service.
Select the Log types to drain. You can drain your site’s traffic logs, function logs, edge function logs, and deploy logs.
Optional: add Traffic log filtering. If you’re draining traffic logs and don’t want client_ip and user_agent in the data, select Exclude personally identifiable information (PII).
Under Service settings, enter the Full URL for your endpoint, including any optional tags as query parameters. Depending on your external monitoring provider, enter your API key as a query parameter in your endpoint or under Authorization header.
Select the Log Drain Format that your endpoint accepts.
To terminate an existing log drain configuration for a site, under
Logs > Log Drains
, select Delete. All log types associated with the site’s log drain will be removed. Saved logs are accessible in your logging service provider account.
Drained site traffic logs include the following fields parsed from our CDN logs:
account_id: ID of the Netlify team that the site belongs to.
client_ip: IP address of the client. Omitted if you selected Exclude personally identifiable information (PII).
content_type:Content-Type of the request (for example, text/html).
country: country of origin for the request, formatted as an ISO 3166-1 two-letter code.
deploy_id: ID of the deploy (for example, 61153ae8b0f6a900088386e8).
duration: duration of the request in milliseconds.
firewall_rule: the Firewall traffic rule that matches the request. Can be one of default_allow, default_deny, ip_allow, ip_deny, geo_allow, geo_deny , or -. If there are no traffic rules added to a site, then firewall_rule returns -. Learn more about Firewall traffic rules.
log_type: indicates the type of log. The value is traffic.
Netlify’s Log Drains feature doesn’t currently support function log output for Background Functions. We recommend storing historical logs for this type of function on an external service.
Function log output is limited to 4 KB total per invocation. If a log’s output exceeds 4 KB, only the last 4 KB of the log is sent to the logging service and the log message will be truncated.
