# LogDNA The *LogDNA* output plugin sends logs and events to a LogDNA-compliant service. ## Configuration parameters This plugin uses the following configuration parameters: | Key | Description | Default | | ----------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------- | | `api_key` | Required. The API key to get access to the service. | *none* | | `app` | Name of the application. This value is automatically discovered on each record. If no value is found, the default value is used. | `Fluent Bit` | | `file` | Optional name of a file being monitored. This value is only set if the record doesn't contain a reference to it. | *none* | | `hostname` | Name of the local machine or device where Fluent Bit is running. If no value is specified, Fluent Bit will look up the hostname and auto-populate its value. If Fluent Bit is unable to find a value, it will set the value `unknown` instead. | *none* | | `ip` | The IP address of the local hostname. This value is optional. | *none* | | `logdna_endpoint` | The LogDNA ingestion endpoint. | `/logs/ingest` | | `logdna_host` | The LogDNA API host address. | `logs.logdna.com` | | `logdna_port` | The LogDNA TCP port. | `443` | | `mac` | The MAC address. This value is optional. | *none* | | `tags` | A list of comma-separated strings to group records in LogDNA and simplify the query with filters. | *none* | | `workers` | The number of [workers](https://docs.fluentbit.io/manual/administration/multithreading#outputs) to perform flush operations for this output. | `0` | ## Data discovery and enrichment The LogDNA output plugin can automatically discover and enrich records with additional content. When the plugin processes a record or log, it searches for specific key names that might contain context for the record in question. The following table describe these keys and the discovery logic: | Key | Description | | ------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `level` | If the record contains a key called `level` or `severity`, Fluent Bit will populate the context `level` key with that value. If not found, Fluent Bit won't set the context key. | | `file` | If the record contains a key called `file`, it will populate the context `file` with the value found. Otherwise, if the plugin configuration provided a `file` property, that value will be used instead. | | `app` | If the record contains a key called `app`, it will populate the context `app` with the value found, otherwise it will use the value set for `app` in the configuration property. | | `meta` | If the record contains a key called `meta`, it will populate the context `meta` with the value found. | ## Example configuration The following example configuration uses a `dummy` input and `logdna` output: {% tabs %} {% tab title="fluent-bit.yaml" %} ```yaml service: flush: 1 log_level: info pipeline: inputs: - name: dummy dummy: '{"log":"a simple log message", "severity": "INFO", "meta": {"s1": 12345, "s2": true}, "app": "Fluent Bit"}' samples: 1 outputs: - name: logdna match: '*' api_key: YOUR_API_KEY_HERE hostname: my-hostname ip: 192.168.1.2 mac: aa:bb:cc:dd:ee:ff tags: aa, bb ``` {% endtab %} {% tab title="fluent-bit.conf" %} ``` [SERVICE] Flush 1 Log_Level info [INPUT] Name dummy Dummy {"log":"a simple log message", "severity": "INFO", "meta": {"s1": 12345, "s2": true}, "app": "Fluent Bit"} Samples 1 [OUTPUT] Name logdna Match * Api_Key YOUR_API_KEY_HERE Hostname my-hostname Ip 192.168.1.2 Mac aa:bb:cc:dd:ee:ff Tags aa, bb ``` {% endtab %} {% endtabs %} Run Fluent Bit with the new configuration file: ```shell # For YAML configuration. fluent-bit --config fluent-bit.yaml # For classic configuration. fluent-bit --config fluent-bit.conf ``` Fluent Bit output: ``` ... [2020/04/07 17:44:37] [ info] [engine] started (pid=2157706) [2020/04/07 17:44:37] [ info] [output:logdna:logdna.0] configured, hostname=monox-fluent-bit-2 [2020/04/07 17:44:37] [ info] [sp] stream processor started [2020/04/07 17:44:38] [ info] [output:logdna:logdna.0] logs.logdna.com:443, HTTP status=200 {"status":"ok","batchID":"f95849a8-ec6c-4775-9d52-30763604df9b:40710:ld72"} ... ``` Your record will be available and visible in your LogDNA dashboard after a few seconds. ### Query your data in LogDNA In your LogDNA dashboard, go to the top filters and mark the Tags `aa` and `bb`, then you will be able to see your records as shown: ![LogDNA dashboard](https://4080960765-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FYLAade0z5f61r7oMWpvX%2Fuploads%2Fgit-blob-821fb616c3b0d3663603953e7e0bdbfefb8838fd%2Flogdna.png?alt=media)