Heroku Logs (Beta)
Panther supports receiving Heroku logs directly via webhook
Last updated
Panther supports receiving Heroku logs directly via webhook
Last updated
Heroku log ingestion is in open beta starting with Panther version 1.75, and is available to all customers. Please share any bug reports and feature requests with your Panther support team.
Panther ingests Heroku runtime logs by configuring a Heroku log drain to post events to a Panther HTTP source.
In order to complete Step 2 of this process (creating a log drain in Heroku), you must have Heroku's CLI installed. If it is not already installed, follow Heroku's documentation to install it here.
In the left-side navigation bar of your Panther Console, click Configure > Log Sources.
Click Create New.
Search for “Heroku,” then click its tile.
In the slide-out panel, the Transport Mechanism dropdown in the upper-right corner will be pre-populated with the HTTP option.
Click Start Setup.
Follow Panther's instructions for configuring an HTTP Source.
When setting the Stream Type for the source, choose Lines.
When setting up this log source initially, set the Auth method as None. In Step 3, after retrieving an authentication token from Heroku, you will change it to Shared Secret authentication.
Before starting this step, ensure the prerequisite is met.
Run a customized version of the following command in your Heroku CLI to set up a log drain pointing from your Heroku app to Panther's HTTP source:
heroku drains:add https://logs.mypantherdomain.runpanther.net/http/1081f021-a983-4dae-bcbb-1952ffaa4e72 -a myherokuappname
Run the following command to retrieve your drain token:
heroku drains --json -a myherokuappname
From the output of this command, save the value of token
. It will be used in the next step.
Navigate back to your Panther Console.
Locate the log source you created in Step 1, by clicking Configure > Log Sources, and clicking the name of the source.
In the upper-right corner, click Configuration, then Edit.
In the upper-right corner, click on the Security tab.
Change the value of the Auth method dropdown to Shared Secret, then enter values for the following fields:
Header Name: Enter Logplex-Drain-Token
.
Shared Secret Value: Paste in the token
you retrieved from the Heroku CLI in the previous step.
Click Save.
Required fields in the schema are listed as "required: true"
Heroku.Runtime
logs are event logs from Heroku that contain app, system, API, and add-on logs. For more information, see Heroku's documentation on runtime logs.