Fastly logs include data that seems to be undocumented


#1

Each line in my fastly logs begins with data in that looks something like the line below:

<134>2015-10-14T22:26:18Z cache-ord1730 cloudmaestros3[154633]:
Is the format of this leading data documented somewhere?

The leading data is followed by my formatted cdn log data that is documented here: https://docs.fastly.com/guides/streaming-logs/setting-up-remote-log-streaming

I’m parsing the log data and want to make sure I understand what format of the entire line, including the leading data, will be.


#2

It’s syslog format: RFC 5424. The bit in angle brackets is the priority, which I believe is always 134 = local0.info in the logs that Fastly sends. The next bit is the timestamp, followed by the hostname of the machine that generated it. Next is the “app name” field, which is the name that you configured for the syslog endpoint in fastly. Finally, the thing in brackets is a process ID, which is unlikely to be meaningful to anyone outside Fastly.


#3

That answers my question, thanks arodland!