LogHub supports a variety of RESTful APIs that provide different log collection methods, for example, log collection through one or more clients, websites, protocols, SDKs, and APIs.

Data sources

Log Service can collect logs from the following sources:
Type Source Access method Details
Application Program output Logtail -
Access logs Logtail Collect and analyze Nginx access logs
Link track Jaeger Collector and Logtail -
Programming language Java SDK and Java Producer Library -
Log4J Appender 1.x and 2.x -
LogBack Appender LogBack -
C Native -
Python Python -
Python Logging Python Logging Handler -
C# C# -
C++ C++ SDK -
Go Go -
NodeJS NodeJs -
JS JS/Web Tracking -
OS Linux Logtail -
Windows Logtail -
Mac/Unix Native C -
Docker files Logtail file collection -
Docker output Logtail container stdout -
Mobile client iOS/Android IOS SDK and Android SDK -
Websites JS/Web Tracking -
Intelligent IoT C Producer Library -
Cloud product Various products, such as ECS and OSS

For more information, see Cloud product logs

Cloud product console Cloud product logs
Import MaxCompute data Use Dataworks to export MaxCompute data Use DataWorks to export MaxCompute data to Log Service
Third-party software Logstash Logstash -

The following table lists the cloud products from which Log Service can collect logs:

Type Cloud product name Activation method Details
Elastic computing Elastic Compute Service (ECS) Through Logtail installation Logtail introduction
Container Service/Container Service for Kubernetes Through the Container Service console Text logs and stdout
Storage Object Storage Service (OSS) Through the OSS console OSS access logs
Network Server Load Balancer (SLB) Through the SLB console Access logs of Layer-7 SLB
Virtual Private Cloud (VPC) Through the VPC console Flow logs
API Gateway Through the API Gateway console API Gateway access logs
Security ActionTrail Through the ActionTrail console ActionTrail overview
DDoS Protection Through the DDoS Protection console DDOS Protection overview
Threat Detection Service Purchase Threat Detection Service Enterprise Edition and activate the service in the Threat Detection Service console. Log retrieval
Anti-Bot Service Through the Anti-Bot Service console Anti-Bot Service logs
Application Log Service (LOG) Through the Log Service console Log Service overview

Network and access point selection

Log Service provides service endpoints in each region, and the following types of network access methods are supported:

  • (Recommended) Intranet (classic networks) and private networks (VPCs): are applicable to regions with smooth service access and high-quality bandwidth links.
  • Internet (classic networks): can be used without any limits. The access speed depends on the link quality. HTTPS is recommended to maintain access security.


  • Q: Which type of network applies to physical connections?

    A: Intranet/private networks

  • Q: Can Internet IP addresses be collected during Internet data collection?

    A: Yes. You can follow the instructions provided in Manage a Logstore and enable the Internet IP address recording function.

  • Q: Which type of network can I use if I want to collect logs from an ECS server located in region A and send them to a project on a Log Service server located in region B?

    A: Use the Internet to transfer logs after install the Internet-version Logtail on the ECS server. As for other scenarios, follow the instructions provided in Select a network type.

  • Q: How can I determine whether access is established successfully?

    A: Access is established successfully if information is returned after you run the following command:

     curl $myproject.cn-hangzhou.log.aliyuncs.com

    In this command, $myproject indicates the project name, and cn-hangzhou.log.aliuncs.com indicates the access point.