Log Drains

This feature may not be available on all plans.

The Log Drains feature allows you to connect site traffic logs and Node.js function logs from Netlify’s CDN to third-party monitoring services for analysis, alerting, and data persistence. Once you’ve configured a log drain for a site, Netlify batches the site’s log records and posts them to an HTTPS endpoint in JSON format in near real-time. A configured external monitoring provider receives these records from the intake endpoint and makes them available for processing. The site traffic log output tracks visitor requests for assets and pages, while the function log output tracks information such as function invocations.

# Configure a log drain

To set up a log drain, you must be a Netlify team Owner and have an account and API key provisioned with an external monitoring provider. Currently, Netlify supports integration with Datadog.

  1. For your selected site, go to Site settings > Log Drains and select Enable a log drain.

  2. Select the Region where your Datadog site is located.

  3. Enter the unique API key for your logging service provider account. If you are using Datadog, verify that you are entering your API key instead of the Datadog application key.

  4. Select the Log type. You can drain your site’s traffic logs, function logs, or both.

  5. Optionally, add Key/Value pairs under Advanced log drain settings to tag your logs with certain attributes. These become query parameters in requests to the logs intake endpoint.

    Available keys for Datadog:

    Key Description Example
    ddtag tags associated with logs, grouped into a single list with the value ddtags env:prod
    service name of the application or service generating the log events mysubdomain
  6. When you’re done, select Connect.

If you need to adjust the settings for an existing log drain, under Site Settings > Log Drains, select Edit settings. Configuration changes become active within approximately five minutes.

To stop sending specific log data to your external monitoring provider, clear the Log type you no longer need and select Save.

# Remove a log drain

To terminate an existing log drain configuration for a site, under Site Settings > Log Drains, select Delete log drain. All log types associated with the site’s log drain will be removed. Saved logs are accessible in your logging service provider account.

# Traffic log output

Drained site traffic logs include the following fields parsed from our CDN logs:

  • account_id: the ID of the account.
  • client_ip: the IP address of the client.
  • content_type: the Content-Type of the request (for example, text/html).
  • deploy_id: the ID of the deploy (for example, 61153ae8b0f6a900088386e8).
  • duration: the duration of the request in milliseconds.
  • log_type: indicates the type of log. The value is traffic.
  • method: the request method.
  • referrer: the referrer on the request.
  • request_id: the Netlify request ID (for example, 01FDWR77JMF2DA1CHF5YA6H07C).
  • request_size: the size of the request in bytes.
  • response_size: the size of the response in bytes.
  • site_id: the ID of the site.
  • status_code: the status code of the HTTP response.
  • timestamp: the timestamp of the request, formatted with RFC 3339 (for example, 2021-08-24T18:54:34.831Z).
  • url: the URL of the request.
  • user_agent: the user-agent that made the request.

# Function log output

Currently, Netlify supports log drains for Node.js functions. Drained function logs include the following fields parsed from our CDN logs:

  • account_id: the ID of the account.
  • deploy_id: the ID of the deploy (for example, 61153ae8b0f6a900088386e8).
  • duration: the amount of time it took for AWS Lambda to execute the function.
  • function_name: the name of the function.
  • function_type: the type of function. This value will always be normal.
  • level: the level of the log line (for example, INFO, ERROR, WARN, REPORT).
  • log_message: the log message.
  • log_type: indicates the type of log. The value is functions.
  • path: the path of the request (for example, /.netlify/functions/your-awesome-function).
  • request_id: the Netlify request ID (for example, 01FDWR77JMF2DA1CHF5YA6H07C).
  • site_id: the ID of the site.
  • status_code: the status code of the HTTP response.
  • timestamp: the timestamp of the request, formatted with RFC 3339 (for example, 2021-08-24T18:54:34.831Z).

Note that if a function’s log output exceeds 4 KB when it is encoded to Base64 format, only the last 4 KB of logs will be sent to the logging service and the log message will be truncated.