Ways of Sending Data
Any sort of log data can be sent to Loggly, it just needs to be text based. Unstructured or structured logs from any application or device can be forwarded. There’s no need to install any proprietary agents to send logs to us, simple configuration of your existing infrastructure is all that it takes.
There are a few general methods of sending logs that we’ll break down in further detail in this documentation. It’s possible to send data over either Syslog (TCP,UDP,TLS) or HTTP/S. With any of the syslog methods, your customer token will need to be within the syslog header and follow our pre-defined template. With HTTP, the customer token is part of the endpoint URL.
Find the log forwarding configuration that’s right for you, or mix & match:
|Local Syslog Agent||
The most common way to forward your system & application logs to Loggly is by using a local syslog agent. Linux systems will have an agent pre-installed and it doesn’t take long to install an agent on a Windows system. After a simple configuration change, logs will stream directly to Loggly from each system. Many applications & other services can be configured to write directly to your local syslog agent, which will then forward to Loggly. Some applications can’t write directly to your syslog agent. Instead, you can write to a log file that is watched by your syslog agent. When there is a change to the log file(s), e.g. when an event is added, the change is forwarded to Loggly.
|Centralized Syslog Agent||
Centralizing the log data before streaming it to Loggly is also an option. This option is great for infrastructures that prefer to have limited outbound connections. Follow the configuration steps for “Local Syslog Agent” to setup the centralized syslog agent.
|Hardware Devices||Routers, firewalls, etc have log data, but have limited capabilities with where they can send the data. Point the device to a centralized syslog agent within your own infrastructure that’s capable of forwarding the events to Loggly. Here’s how you can configure a centralized syslog agent.|
|Direct With No Agent||If you’d rather not use syslog to send log events, it’s possible to configure applications to write log events directly to Loggly over HTTP/S using our RESTful API. Some dev languages also have logging libraries that can log directly.|
It’s possible to log events directly from the end-user’s browser or device. The Loggly RESTful API can be used to send events over POST or GET, it also allows batched events. Tracking pixels are commonly used by web analytics services to track site/application activity. By inserting a 1×1 pixel (.gif) on your web page, HTTP logs can be sent directly to Loggly. Any additional query string parameters can be included, which become the log event.