Our capabilities help you to collect, process, explore, query, and alert on your log data. To get your logs into New Relic, you can use any of these options:
For an overview of our various logging solutions, see Introduction to logs.
Got lots of logs? Check out our tutorial on how to optimize and manage them.
Here are some details on how to accomplish specific use cases:
If you want to do this...
Use one of these log forwarding options
Collect logs that are written to a local file on disk
Use our solutions to forward logs from operating systems, including our infrastructure monitoring agent, Fluent Bit, Fluentd, Logstash, and syslog/TCP. Use our guided install for infrastructure monitoring as a lightweight data collector for your apps' and hosts' logs.
Use your cloud forwarding platform
Collect logs from apps running in Docker containers, either standalone or when using Kubernetes
For Kubernetes environments, use our Kubernetes plugin.
For Docker environments, we offer a few options:
Collect logs directly from your apps, regardless of where they are hosted
Use our agent and infrastructure monitoring agent. Let your app's APM agent forward log data directly to New Relic with APM logs in context. No need to install or maintain additional third-party software!
Do something else
If our log forwarding options don't meet your needs, you can:
Get started with log forwarders
You can forward logs via our infrastructure agent or one of our supported third-party log services. Here's how:
- If you don't have one already, create a New Relic account. It's free, forever.
- Have your New Relic ready for the account you want to report logs to.
- Install a compatible log forwarder.
- Ensure that outbound connectivity on TCP port 443 is allowed to the CIDR range that matches your region.
- Depending on where your account data is stored in New Relic, use the DNS name
- If applicable, configure your app's agent by following the manual logs in context procedures.
Log forwarding options
Aside from our APM agents, we provide several other solutions to forward your logs to New Relic.
Infrastructure agent (recommended) and OS solutions
Using our infrastructure agent is one recommended path for log management because it gives you some powerful log reporting and configuration options. For details about setting this up, see Infrastructure agent logs.
If you don't need the host metrics automatically included with infrastructure log forwarding, or if you already have a log forwarder, you can use any of the following options to forward your logs to New Relic:
We support the following Amazon log forwarders:
- AWS CloudFront plugin
- AWS CloudWatch plugin
- AWS FireLens plugin
- AWS Kinesis Firehose
- AWS Lambda for sending logs from S3
We support the following Microsoft log forwarder:
Other supported log forwarders
We support the following log forwarders. Some of these options come with quickstarts, which give you out-of-the-box and alerts. You can install quickstarts after setting up your log forwarding.
- Akamai DataStream 2:
- Cloudflare Logpush
- Google Cloud Platform Pub/Sub
- Heroku log streaming
- Kubernetes plugin
- Vector plugin
Did this doc help with your installation?
In some situations you may not have log forwarders; for example, with CDNs, hardware devices, or managed services. You can use syslog protocols such as
syslog-ng, and forward your logs to New Relic via a TCP endpoint.
If you prefer to connect to New Relic without installing a plugin, we offer an HTTP input integration. This option sends your monitored log data directly to New Relic via the Log API.
How log forwarding works
The following diagram shows the lifecycle of a log message for an app, from enrichment with agent metadata (contextual logging), to formatting and forwarding the log data to New Relic.
This diagram illustrates the flow of log messages through New Relic.
Standard log formatters transform log events into meaningful output (such as text files) that can be used by downstream people and processes. The
NewRelicFormatter transforms log events into the JSON format expected by New Relic. These files contain log information and extended metadata.
When you configure your log forwarder (our infrastructure monitoring agent, Fluentd, Logstash, etc.), you can also extend and enrich your log data. By configuring logs in context, the log enricher links the formatted log data with additional transaction information from your application or host.
Now your log files are enriched with enhanced metadata and contextual logging data. Your log forwarder sends the files to our logging endpoint for processing. From there you can use our log management capabilities to view, query, set up alerts, and more in New Relic.
After you enable your log forwarder, make the most of your data in New Relic with our log management capabilities:
- Explore the logging data across your platform with our logs UI.
- See your logs in context of your app's performance in the APM UI. Troubleshoot errors with distributed tracing, stack traces, application logs, and more.
- Get deeper visibility into both your application and your platform performance data if you are forwarding your logs with our infrastructure monitoring agent. Review your infrastructure logs in the UI.
- Set up alerts.
- Query your data and create dashboards. For example, see our NerdGraph tutorials to query and manage your data partition rules and your log parsing rules.