Deploy Agents
Agents are an authorized endpoint to collect log data, and are always associated with a single organization. All data collected by an agent will be associated with this organization.
A single logical agent can be used to receive data from multiple systems. An agent represents the configuration necessary to authenticate and ingest data into its organization. You can use the agent configuration on as many systems as you want.
Example Setup
Instructions
To setup in the app, click the Configure sidebar button:
and then click the Agents tab.
For each Agent that you want to provision to collect data, select the organization that
the new agent will be associated with and click the New button. Then follow the
instructions to download and configure the desired agent to forward log data to SparkLogs.
Any log forwarding agent can be used that can send log data in JSON format to an HTTPS endpoint. In addition to the HTTPS+JSON API, the Elasticsearch bulk indexing API is also supported.
Supported open source log forwarding agents include Vector, fluentbit, filebeat, Logstash, or Grafana Alloy.
Install the log forwarding agent of your choice, and then configure it using the example configuration
template shown in the app when you create the agent. Or you can select an existing agent and use
the View API Key button to view the config template again.
Once you've setup your first agent and a log forwarding agent that is sending data to it, use the Explore sidebar button to confirm that data is flowing as you expect.
We recommend getting familiar with how AutoExtract will automatically extract structured field data from your unstructured log text. Use our AutoExtract simulator to quickly try this out on your log messages.