Log in|Playground

JSON Logs

This feature is only available for enterprise plan.

groundcover utilizes a generic HTTP endpoint for logs in JSON format. This can be useful for integration with 3rd party services and additional collectors, or for importing log files manually.

Sending logs to the endpoint

URL

The url should be https://{incloud-site}/json/logs as described in these docs. Make sure to use the inCloud Managed site fit for your deployment.

Method

HTTP method should be set to POST. No other methods are supported.

Authentication

To authenticate the request you can use any of the methods described here. The most simple method is using an apikeyheader with your apikey, which can be fetched using the command groundcover auth print-api-key. See example below for more details.

Content Type

One request can contain multiple logs by setting the payload as a JSON array (where every entry is a log line) or by using ndjson. Make sure to set the Content-Typeheader appropriately.

Format
Required Content-Type

JSON array

application/json

ndjson

application/x-ndjson

This endpoint only supports JSON formatted logs. For other supported formats please check our datasources page.

Structure

groundcover parses JSON logs using this logic:

  • Timestamp is extracted from the either of the keys timestamp, timeor ts . It is recommended to use RFC 3339 Nano format.

  • Log message is extracted from either of the keys message, msg, log, body, content or text

  • Additional fields will be stored as log attributes.

It is highly recommended to add extra attributes to enrich the logs being sent - see examples below

Example

This curl command sends two log lines to an example groundcover backend:

curl -X POST "https://test-site.com/json/logs" \
-H "Content-Type: application/x-ndjson" \
-H "apikey: your-ingestion-key" \
--data-binary '{"timestamp": "2025-01-01T10:45:32.123456799Z", "msg": "sending log to groundcover", "extra-attribute": "groundcover is cool"}
{"timestamp": "2025-01-01T10:45:32.123457799Z", "msg": "more logs to groundocver", "key2": "value2", "key3": "value3"}'

Attribute Enrichment

Using resource attributes

It is possible to enrich specific attributes using resource attributes - read more here.

See below for an example on adding workload, cluster, env and source via resource attributes:

{
  "timestamp": "2025-01-01T10:45:32.123456799Z",
  "msg": "my awesome log line",
  "service.name": "my-workload",
  "cluster": "my-cluster",
  "env_name": "my-env",
  "source": "my-json-sender",
}

Using headers

It is possible to enrich specific attributes using HTTP headers - read more here.

See below for an example on adding source and env via headers:

curl -X POST "https://test-site.com/json/logs" \
-H "Content-Type: application/x-ndjson" \
-H "apikey: your-ingestion-key" \
-H "x-groundcover-service-name: my-workload" \
-H "x-groundcover-cluster: my-cluster" \
-H "x-groundcover-env-name: my-env" \
-H "x-groundcover-source: my-json-sender" \
--data-binary '{"timestamp": "2025-01-01T10:45:32.123456799Z", "msg": "sending log to groundcover", "extra-attribute": "groundcover is cool"}
{"timestamp": "2025-01-01T10:45:32.123457799Z", "msg": "more logs to groundocver", "key2": "value2", "key3": "value3"}'

Last updated