Log drains are currently in beta, and minor details may change. We'd love to hear any feedback or requests at email@example.com.
Log drains allow you to automatically stream all audit logs for your team to one or more destinations in your organization's observability stack.
To configure log drains, click on "Log drains" on the left side of the "Team settings" page. From there, you can set up one or more destination types, described in more detail below.
Audit log structure
The following example shows how audit logs are structured for export to log drains:
Note that the structure of the
payloadfield will vary based on the event type.
If the Datadog log drain is enabled, each audit log will be sent to the Datadog log collection API using the configured API key. These logs will be indexed in Datadog with the source name
airplane-audit-logsand service name
If an OpenTelemetry log drain is enabled, each audit log will be sent to an OpenTelemetry collector in your team's infrastructure using the configured URL. The collector can then filter and transform the logs before forwarding them onto other destinations in your observability stack, including Datadog, AWS CloudWatch, Splunk, etc.
If a webhook log drain is enabled, each audit log will be sent as an HTTP POST request to the configured webhook URL. The body will consist of a single audit log in JSON format.
Errors and retries
Any non-200 HTTP response from a downstream destination will be considered an error and the associated request will be retried later. After 5 consecutive delivery errors, the corresponding event will be dropped from the log drain export pipeline and not sent again. However, it will still be visible in the Activity page and exportable via CSV.
If logs aren't reaching your team's configured drain(s), then please contact firstname.lastname@example.org for assistance.