Troubleshooting logging endpoints
When a logging endpoint stops delivering data or behaves unexpectedly, the Endpoint Error Stream lets you investigate and diagnose the problem. The stream shows errors from the last hour and updates in real time.
Common scenarios where the Error Stream can help:
- Your logging configuration is active, but no data is appearing at your destination (such as S3, Datadog, or BigQuery).
- You're receiving some logs but suspect others are being dropped.
- The Fastly control panel shows your logging configuration has errors.
Viewing errors
You can access the Error Stream through the Fastly control panel or CLI.
- Control panel
- CLI
- Log in to the Fastly control panel.
- From the Home page, select the appropriate service. You can use the search box to search by ID, name, or domain.
- On the Service summary page, scroll to Logging configuration errors to see the active service version's errors from the last hour.
Understanding the error output
All errors contain the following fields:
| Field | Description |
|---|---|
sequence_number | A numeric sequence number used to order error messages chronologically |
error_time_us | When the error occurred (Unix) |
message | Human-readable description of the error |
stream | The log stream type. This will always be logging\_error. |
endpoint | The name of the logging endpoint where the error occurred (e.g., datadog, s3, splunk) |
details | Additional error information containing provider-specific error details |
The following patterns may help you interpret the output:
- Authentication failures. Check for things like expired AWS keys, incorrect IAM permissions, or invalid tokens.
- Formatting errors. Look for things like invalid JSON structures or missing required fields for your provider.
- Network issues. Look for things like connection timeouts, DNS failures, or destination server unavailability.
After reviewing errors
If the error output identifies the problem, make the necessary changes to your logging configuration and monitor the stream to confirm the issue is resolved.
However, if your logging configuration appears broken but you're still receiving some logs, not all of Fastly's log aggregators may be able to connect to your endpoint's server. This typically means the maximum number of concurrent connections has been reached. Try configuring your logging endpoint's server to allow a higher maximum number of inbound connections and check whether the error clears after a couple of hours.
If you're unable to resolve the issue, contact Fastly support and include the error details from the stream to help with diagnosis.
