All Collections
Logs Management
Ingestion Pipelines
How to use your API Key in Logstash
How to use your API Key in Logstash

Discover the steps you need to take to send log files securely to Logstash using an API key in this helpful article from

Lee Smith avatar
Written by Lee Smith
Updated over a week ago

Sending data to Logstash is quick and simple to set up. If you have not already done so, please check out our Data Source Wizard for Logstash before learning how to properly use the API key.

Once you have set up and configured your data source, you can configure a custom API key in Logstash to ensure authorisation to send messages.

Adding the API key to every message

Sending the API key with each message is the most common and preferred way of authorising requests. This API key can be anything you like (such as a GUID or a special string value of your choice).

You will also need to create a Logstash filter to drop all incoming messages that are missing the API key. The following code snippet can do this, as well as check that the API key is of a GUID format:

if [logstashApiKey] != "GUID" 
  drop {}

Example using Filebeat

To add the API key to messages being sent from Filebeat to Logstash, add it as a field inside the YAML config file (/etc/filebeat/filebeat.yml ):

    type: log
    enabled: true
        type: nginx-access
        logstashApiKey: <your-api-key>
        fields_under_root: true
        encoding: utf-8
        exclude_files: [".gz"]

What's next?

Did this answer your question?