Heroku Labs: HTTPS Drains
Last updated 10 June 2019
This article is a work in progress, or documents a feature that is not yet released to all users. This article is unlisted. Only those with the link can access it.
This Heroku Labs feature adds experimental support for draining app logs to HTTP(S) endpoints (an alternative to draining app logs via TCP-syslog).
The features added through labs are experimental and may change or be removed without notice.
How it works
Adding HTTP(S) drains
$ heroku drains:add https://user:email@example.com/logs -a myapp
HTTP(S) drain endpoints
Logplex buffers log messages and submits batches of messages to an HTTP(S) endpoint via a
POST request. The
POST body contains syslog formatted messages, framed using the syslog TCP protocol octet counting framing method.
120 <40>1 2012-11-30T06:45:29+00:00 heroku web.3 d.73ea7440-270a-435a-a0ea-adf50b4e5f5a - State changed from starting to up 156 <40>1 2012-11-30T06:45:26+00:00 heroku web.3 d.73ea7440-270a-435a-a0ea-adf50b4e5f5a - Starting process with command `bundle exec rackup config.ru -p 24405`
Log messages contain a drain token (unique to that drain) that can be used to further validate the origin of drained log messages. The token for a drain can be retrieved with the
heroku drains command:
$ heroku drains -a myapp https://user:firstname.lastname@example.org/logs (d.73ea7440-270a-435a-a0ea-adf50b4e5f5a)
Secure drains are now possible with a combination of HTTPS drain endpoints and HTTP basic auth.
$ heroku labs:enable https-drains -a myapp Enabling https-drains for myapp... done WARNING: This feature is experimental and may change or be removed without notice.
$ heroku labs:disable https-drains -a myapp Disabling https-drains for myapp... done