How to Forward Logs to OpenSearch Clusters

OpenSearch is an open-source search and analytics suite which serves as a centralized location to manage logs forwarded from other resources, such as databases and Droplets.


You can forward logs to your Managed OpenSearch cluster to view them in the OpenSearch Dashboard in the control panel. The DigitalOcean API natively supports forwarding logs from other Managed Database clusters.

Your OpenSearch cluster’s trusted sources settings can prevent you from forwarding certain logs to it. You can only forward logs from a MongoDB cluster if you add its node IPs to the OpenSearch cluster’s trusted sources. You cannot currently forward logs from App Platform or Kubernetes if your OpenSearch cluster has trusted sources enabled.

Forward Logs from Managed Database Clusters

To forward logs from managed database clusters, you need to create a log sink using the DigitalOcean API.

Note
To create a log sink using the API, you need to provide values for the sink_name, sink_type, and config fields, which specify the name of the log sink, its type (rsyslog, elasticsearch, or opensearch), and your desired URL or server/port configuration, respectively.
How to Create a Log Sink Using the DigitalOcean API
  1. Create a personal access token and save it for use with the API.

  2. Send a POST request to https://api.digitalocean.com/v2/databases/{database_cluster_uuid}/logsink

    cURL

    Using cURL:

                    curl -X POST \
      -H "Content-Type: application/json" \
      -H "Authorization: Bearer $DIGITALOCEAN_TOKEN" \
      -d '{"sink_name": "logsink", "sink_type": "rsyslog", "config": {"server": "192.168.10.1", "port": 514, "tls": false, "format": "rfc5424"}}' \
      "https://api.digitalocean.com/v2/databases/9cc10173-e9ea-4176-9dbc-a4cee4c4ff30/logsink"