---
title: 'Log streaming: SFTP'
summary: null
url: >-
  https://www.fastly.com/documentation/guides/integrations/logging-endpoints/protocol-based-and-self-hosted/log-streaming-sftp
---

Fastly's [Real-Time Log Streaming](https://www.fastly.com/documentation/guides/integrations/streaming-logs/about-fastlys-realtime-log-streaming-features) feature can send log files to SFTP, a secure file transfer subsystem for the Secure Shell (SSH) protocol. Our SFTP endpoint supports both password-based authentication and SSH public-key authentication, with SSH public-key authentication being preferred. To learn more about SSH public-key authentication, or to learn how to generate public and private key pairs, see [this guide](https://git-scm.com/book/en/v2/Git-on-the-Server-Generating-Your-SSH-Public-Key).

> **NOTE:** 
>
> Fastly does not provide direct support for third-party services. Read [Fastly's Terms of Service](https://www.fastly.com/terms) for more information.
>
>

## Adding SFTP as a logging endpoint

Follow these instructions to add SFTP as a logging endpoint:

### Cdn Services

1.   Review the information in our guide to [setting up remote log streaming](/guides/integrations/streaming-logs/setting-up-remote-log-streaming).

2. In the SFTP area, click **Create endpoint**.
3. Fill out the **Create an SSH File Transfer Protocol (SFTP) endpoint** fields as follows:

   -   In the **Name** field, enter a human-readable name for the endpoint.

   -   In the **Placement** area, select where the logging call should be placed in the generated VCL. Valid values are **Format Version Default** and **None**. Read our guide on [changing log placement](/guides/integrations/streaming-logs/changing-log-placement) for more information.

   -   In the **Log format** field, optionally enter an Apache-style string or VCL variables to use for log formatting. Consult the [example format section](#example-format) for details.

   -   *(Optional)* In the **Timestamp format** field, enter a timestamp format for log files. The default is an `strftime` compatible string. Our guide on [changing where log files are written](/guides/integrations/streaming-logs/changing-where-log-files-are-written) provides more information.

   - In the **Address** field, enter the hostname or IP address of the SFTP server. In the port field after the colon, enter the port number you're using for SFTP (the default is `22`).
   - In the **Path** field, enter the path to use for storing log files. Leaving the default `/` in this field means the files will be saved in the root path. We describe this variable in more detail in our guide on [changing where log files are written](https://www.fastly.com/documentation/guides/integrations/streaming-logs/changing-where-log-files-are-written).

   > **HINT:** If you save logs on the SFTP server, make sure the directory already exists.

   - In the **User** field, enter the username used to authenticate to the SFTP server.

   - In the **Known hosts** field, enter a Host key for each Host you can connect to over SFTP. Each Host key you enter must be on its own line. Known hosts entries should match what’s stored in your `known_hosts` file located in your home directory (or the local account settings if you're working with macOS or a Windows operating system). A known hosts entry looks like this:

     `1.2.3.4 ecdsa-sha2-nistp256 aBc123xYz…`

     where the `1.2.3.4` is the SFTP IP address, `ecdsa-sha2-nistp256` is your Host key algorithm, and `aBc123xYz…` is your public key.

   - In the **Secret key** field, enter the SSH secret key used to connect to the server. If both Secret key and Password are entered, the Secret key will be used in preference.

   - In the **Password** field, enter the password used to authenticate to the SFTP server. If both Password and Secret key are entered, the Secret key will be used in preference.

   -   *(Optional)* In the **Period** field, enter an interval (in seconds) to control how frequently your log files are rotated. Rotation entails the finalization of one file object and the start of a new one, never removing any previously created file object. This value defaults to `3600` seconds.

   -   *(Optional)* From the **Processing region** menu, select a geographic region where logs are processed before being sent to the logging endpoint. Our guide on [regional log aggregation](/guides/integrations/streaming-logs/setting-up-regional-log-aggregation) provides more information.

4. Click **Advanced options** and fill out the fields as follows:
   -   In the **Select a log line format** area, select the log line format for your log messages. Our guide on [changing log line formats](/guides/integrations/streaming-logs/changing-log-line-formats) provides more information.

   -   *(Optional)* In the **PGP public key** field, enter a PGP public key that Fastly will use to encrypt your log files before writing them to disk. You will only be able to read the contents by decrypting them with your private key. The PGP key should be in [PEM (Privacy-Enhanced Mail) format](https://en.wikipedia.org/wiki/Privacy-enhanced_Electronic_Mail). Read our guide on [log encryption](/guides/integrations/streaming-logs/encrypting-logs) for more information.

   -   *(Optional)* In the **Compression** field, select the compression format you want applied to the log files. Our guide on [changing log compression options](/guides/integrations/streaming-logs/changing-log-compression-options) provides more information.

5.   Click **Create** to create the new logging endpoint.

6.   From the **Activate** menu, select **Activate on Production** to deploy your configuration changes.

### Example format

The following is an example format string for sending data to an SFTP logging endpoint. Our discussion of [format strings](https://www.fastly.com/documentation/guides/integrations/streaming-logs/custom-log-formats) provides more information.

```plaintext
{
  "timestamp": "%{strftime(\{"%Y-%m-%dT%H:%M:%S%z"\}, time.start)}V",
  "client_ip": "%{req.http.Fastly-Client-IP}V",
  "geo_country": "%{client.geo.country_name}V",
  "geo_city": "%{client.geo.city}V",
  "host": "%{if(req.http.Fastly-Orig-Host, req.http.Fastly-Orig-Host, req.http.Host)}V",
  "url": "%{json.escape(req.url)}V",
  "request_method": "%{json.escape(req.method)}V",
  "request_protocol": "%{json.escape(req.proto)}V",
  "request_referer": "%{json.escape(req.http.referer)}V",
  "request_user_agent": "%{json.escape(req.http.User-Agent)}V",
  "response_state": "%{json.escape(fastly_info.state)}V",
  "response_status": %{resp.status}V,
  "response_reason": %{if(resp.response, "%22"+json.escape(resp.response)+"%22", "null")}V,
  "response_body_size": %{resp.body_bytes_written}V,
  "fastly_server": "%{json.escape(server.identity)}V",
  "fastly_is_edge": %{if(fastly.ff.visits_this_service == 0, "true", "false")}V
}
```

### Compute Services

1.   Review the information in our guide to [setting up remote log streaming for Compute](/guides/integrations/streaming-logs/setting-up-remote-log-streaming-for-compute). Additionally, our developer documentation provides more [information about logging](/guides/integrations/non-fastly-services/developer-guide-logging/) with Compute code written in our [supported languages](/reference/compute/sdks/).

2. In the SFTP area, click **Create endpoint**.
3. Fill out the **Create an SSH File Transfer Protocol (SFTP) endpoint** fields as follows:

   -   In the **Name** field, enter the endpoint name you specified in your Compute code. For example, in our [Rust code example](/guides/compute/developer-guides/rust/#logging), the name is `my_endpoint_name`.

   -   *(Optional)* In the **Timestamp format** field, enter a timestamp format for log files. The default is an `strftime` compatible string. Our guide on [changing where log files are written](/guides/integrations/streaming-logs/changing-where-log-files-are-written) provides more information.

   - In the **Address** field, enter the hostname or IP address of the SFTP server. In the port field after the colon, enter the port number you're using for SFTP (the default is `22`).
   - In the **Path** field, enter the path to use for storing log files. Leaving the default `/` in this field means the files will be saved in the root path. We describe this variable in more detail in our guide on [changing where log files are written](https://www.fastly.com/documentation/guides/integrations/streaming-logs/changing-where-log-files-are-written).

   > **HINT:** If you save logs on the SFTP server, make sure the directory already exists.

   - In the **User** field, enter the username used to authenticate to the SFTP server.

   - In the **Known hosts** field, enter a Host key for each Host you can connect to over SFTP. Each Host key you enter must be on its own line. Known hosts entries should match what’s stored in your `known_hosts` file located in your home directory (or the local account settings if you're working with macOS or a Windows operating system). A known hosts entry looks like this:

     `1.2.3.4 ecdsa-sha2-nistp256 aBc123xYz…`

     where the `1.2.3.4` is the SFTP IP address, `ecdsa-sha2-nistp256` is your Host key algorithm, and `aBc123xYz…` is your public key.

   - In the **Secret key** field, enter the SSH secret key used to connect to the server. If both Secret key and Password are entered, the Secret key will be used in preference.

   - In the **Password** field, enter the password used to authenticate to the SFTP server. If both Password and Secret key are entered, the Secret key will be used in preference.

   -   *(Optional)* In the **Period** field, enter an interval (in seconds) to control how frequently your log files are rotated. Rotation entails the finalization of one file object and the start of a new one, never removing any previously created file object. This value defaults to `3600` seconds.

4. Click **Advanced options** and fill out the fields as follows:
   -   *(Optional)* In the **PGP public key** field, enter a PGP public key that Fastly will use to encrypt your log files before writing them to disk. You will only be able to read the contents by decrypting them with your private key. The PGP key should be in [PEM (Privacy-Enhanced Mail) format](https://en.wikipedia.org/wiki/Privacy-enhanced_Electronic_Mail). Read our guide on [log encryption](/guides/integrations/streaming-logs/encrypting-logs) for more information.

   -   In the **Select a log line format** area, select the log line format for your log messages. Our guide on [changing log line formats](/guides/integrations/streaming-logs/changing-log-line-formats) provides more information.

   -   *(Optional)* In the **Compression** field, select the compression format you want applied to the log files. Our guide on [changing log compression options](/guides/integrations/streaming-logs/changing-log-compression-options) provides more information.

5.   Click **Create** to create the new logging endpoint.

6.   From the **Activate** menu, select **Activate on Production** to deploy your configuration changes.

## Related content

- [API reference: SFTP log streaming](https://www.fastly.com/documentation/reference/api/logging/sftp/)
- [CLI reference: SFTP log streaming](https://www.fastly.com/documentation/reference/cli/logging/sftp/)