Make Your Logs Work for You

The days of logging in to servers and manually viewing log files are over. SolarWinds® Papertrail™ aggregates logs from applications, devices, and platforms to a central location.

View Technology Info

FEATURED TECHNOLOGY

Troubleshoot Fast and Enjoy It

SolarWinds® Papertrail™ provides cloud-based log management that seamlessly aggregates logs from applications, servers, network devices, services, platforms, and much more.

View Capabilities Info

FEATURED CAPABILITIES

Aggregate and Search Any Log

SolarWinds® Papertrail™ provides lightning-fast search, live tail, flexible system groups, team-wide access, and integration with popular communications platforms like PagerDuty and Slack to help you quickly track down customer problems, debug app requests, or troubleshoot slow database queries.

View Languages Info

FEATURED LANGUAGES

TBD - APM Integration Title

TBD - APM Integration Description

TBD Link

APM Integration Feature List

TBD - Built for Collaboration Title

TBD - Built for Collaboration Description

TBD Link

Built for Collaboration Feature List

Manage Logs > Log destinations

Log destinations

Introduction

Using Papertrail, you can create log destinations for systems that send logs either via HTTPS or via TCP/UDP in a traditional Syslog setup. The connection method is configured when creating a new destination.

The Papertrail event viewer shows the log’s timestamp based on the display_received_at field. The API has two timestamps for these logs available: received_at (when the logs reached the Papertrail log destination) and generated_at (the timestamp field in the RFC5424 syslog header).

The log destinations are subject to rate limits to UDP and 10 new connections per second in TCP.

Configuring log destinations

To create a log destination, go to the Log Destinations then click Create Log Destination.

This will open the log destination configuration page.

Enter a description and adjust destination settings as needed.

From the Accept connections via… pane, select one of the following options:

  • Token – to send logs via HTTPS
  • Port – to send logs via Syslog, and select the kind of messages you want to be received by this log destination. Log messages can be delivered using a TLS-encrypted Syslog over TCP, as well as over UDP. Papertrail also supports unencrypted TCP (Plain text), although this is not often used.

Click Create.

After the confirmation message appears along with the log destination address, click Back to Log Destinations Settings. The newly created log destination will be listed on the Log Destinations page. You can still modify the log destination’s Settings or add Log filters.

Port-based destination

If Port was selected in the Accept connections via… pane during the log destination setup, the new destination will accept logs sent to a dedicated host/port using the Syslog protocol. It is in the format of logsN.papertrailapp.com:XXXXX where logsN.papertrailapp.com is the host and XXXXX is the port.

Sending logs

For a guided logging setup, you may navigate in the local setup page found inside Papertrail. More examples will be found in Configuration.

Token-based destination

If Token was selected in the Accept connections via… pane during the log destination setup, the new destination will accept logs sent via HTTPS. These destinations use a provided token for the authentication of POST requests when sending events and can accept single or newline delimited events formatted in plaintext or JSON. If your log’s format is not supported, contact us.

Sending logs

Both endpoints use HTTP “Basic” authentication. The token provided will serve as your password and the username is left blank. A successful POST request will return an HTTP status code of 200.

The following are some cURL examples to get you started.

Single and Multiline events

To send single and multiline events use the endpoint https://logs.collector.solarwinds.com/v1/log. Replace the TOKEN with the value found in your log destination details.

Plaintext
$ curl -vu :TOKEN -H "content-type:text/plain" -d 'Hello World' https://logs.collector.solarwinds.com/v1/log
Multiline
$ curl -vu :TOKEN -H "content-type:text/plain" -d $'Hello\nWorld' https://logs.collector.solarwinds.com/v1/log
JSON
$ curl -vu :TOKEN -H "Content-Type: application/json" -d '{"tests": ["testing HTTP 01", "testing HTTP 02"]}' https://logs.collector.solarwinds.com/v1/log

Bulk events

To send multiple events at once use the endpoint https://logs.collector.solarwinds.com/v1/logs. Replace the TOKEN with the value found in your log destination details.

Multiple events
$ curl -vu :TOKEN -H "content-type:text/plain" -d $'Hello\nWorld' https://logs.collector.solarwinds.com/v1/logs

The scripts are not supported under any SolarWinds support program or service. The scripts are provided AS IS without warranty of any kind. SolarWinds further disclaims all warranties including, without limitation, any implied warranties of merchantability or of fitness for a particular purpose. The risk arising out of the use or performance of the scripts and documentation stays with you. In no event shall SolarWinds or anyone else involved in the creation, production, or delivery of the scripts be liable for any damages whatsoever (including, without limitation, damages for loss of business profits, business interruption, loss of business information, or other pecuniary loss) arising out of the use of or inability to use the scripts or documentation.