Fastly will upload log messages periodically to the server in the format specified in the Elasticsearch object.

Data model

created_atstringDate and time in ISO 8601 format.
deleted_atstringDate and time in ISO 8601 format.
formatstringA Fastly log format string. Must produce valid JSON that Elasticsearch can ingest.
format_versionintegerThe version of the custom logging format used for the configured endpoint. The logging call gets placed by default in vcl_log if format_version is set to 2 and in vcl_deliver if format_version is set to 1.
indexstringThe name of the Elasticsearch index to send documents (logs) to. The index must follow the Elasticsearch index format rules. We support strftime interpolated variables inside braces prefixed with a pound symbol. For example, #{%F} will interpolate as YYYY-MM-DD with today's date.
namestringThe name for the real-time logging configuration.
passwordstringBasic Auth password.
pipelinestringThe ID of the Elasticsearch ingest pipeline to apply pre-process transformations to before indexing. Learn more about creating a pipeline in the Elasticsearch docs.
placementstringWhere in the generated VCL the logging call should be placed. If not set, endpoints with format_version of 2 are placed in vcl_log and those with format_version of 1 are placed in vcl_deliver.
request_max_bytesintegerThe maximum number of bytes sent in one request. Defaults 0 for unbounded.
request_max_entriesintegerThe maximum number of logs sent in one request. Defaults 0 for unbounded.
response_conditionstringThe name of an existing condition in the configured endpoint, or leave blank to always execute.
service_idstringAlphanumeric string identifying the service.
tls_ca_certstringA secure certificate to authenticate a server with. Must be in PEM format.
tls_client_certstringThe client certificate used to make authenticated requests. Must be in PEM format.
tls_client_keystringThe client private key used to make authenticated requests. Must be in PEM format.
tls_hostnamestringThe hostname used to verify a server's certificate. It can either be the Common Name (CN) or a Subject Alternative Name (SAN).
updated_atstringDate and time in ISO 8601 format.
urlstringThe URL to stream logs to. Must use HTTPS.
userstringBasic Auth username.
versionintegerInteger identifying a service version.


List Elasticsearch log endpoints


Create an Elasticsearch log endpoint


Get an Elasticsearch log endpoint


Update an Elasticsearch log endpoint


Delete an Elasticsearch log endpoint