In part one and part two of this series, we discussed core concepts of Heroku logging, such as log types, Logplex, and log drains.
In this article, we’ll provide a cheat sheet of Heroku Logging CLI commands. Developers might not love working at the command line; however, executing commands with the CLI is quick and allows more control than graphical interfaces, giving developers the power to automate tasks via scripts.
This cheat sheet contains detailed explanations and examples to help developers with all the necessary commands to interact successfully with Heroku logs applications.
This article will also cover the topic of Heroku Private Spaces, specifically what they are, how to create a space, and how to set up logging and create queries.
Learn More
Explore the complete Heroku Logging Guide series:
- Part 1: The Basics
- Part 2: Advanced Concepts
- Part 3: CLI Cheat Sheet and Private Space Logging
- Part 4: Integrating With CrowdStrike Falcon LogScale
Command Line Interface Cheat Sheet
While there are many CLI commands to be aware of when working with logs in Heroku, we’ll cover the most commonly used ones here.
Logs CLI Commands
View Logs
The basic CLI command for interacting with Heroku logs is:
heroku logs
Executing it will return a maximum of 100 most recent log entries. The output of this command looks like this:
2022-12-28T19:08:23.612947+00:00 app[web.1]: [2022-12-28 19:08:23 +0000] [4] [INFO] Starting gunicorn 20.1.0 2022-12-28T19:08:23.613444+00:00 app[web.1]: [2022-12-28 19:08:23 +0000] [4] [INFO] Listening at: http://0.0.0.0:57271 (4) 2022-12-28T19:08:23.613516+00:00 app[web.1]: [2022-12-28 19:08:23 +0000] [4] [INFO] Using worker: sync 2022-12-28T19:08:23.618325+00:00 app[web.1]: [2022-12-28 19:08:23 +0000] [9] [INFO] Booting worker with pid: 9 2022-12-28T19:08:23.628735+00:00 app[web.1]: [2022-12-28 19:08:23 +0000] [10] [INFO] Booting worker with pid: 10
View Logs in a Real-Time Stream
To view your Heroku logs in a real-time stream, updating as new logs come in, you would use the --tail option.
heroku logs --tail
To stop the stream, execute CTRL+C (which is similar to performing a keyboard interrupt with most CLI apps).
Filter Logs by Source
The following command will return a list of the most recent logs but filtered by source. In this example, the source will be application logs.
heroku logs --source app
We can also filter by system logs.
heroku logs --source heroku
Specify the Number of Logs
The following command allows us to specify the exact number of recent logs we wish to display. To see the 200 most recent logs, use this command:
heroku logs -n 200
It’s important to note that the maximum number of logs Logplex can retain is 1,500.
Filter by App Name
We can also filter logs by app name. In this example, the app is called my-app.
heroku logs --app my-app
Filter by Dyno
A Heroku dyno is a lightweight Linux container in which our app is executed. Below is the command for filtering by dyno:
heroku logs --dyno heroku-redis
Colorize
For a colorized version of the output, use the force-colors flag:
heroku logs --app my-app --force-colors
Log Drains CLI Commands
View Log Drains for an App
Heroku log drain activity can also be viewed in the CLI. Below is the command for displaying the log drain for an app called my-app.
heroku drains --app my-app
This code will display the data in tabular format. For the JSON format, add the json flag.
The command, with the --json flag added, outputs the following:
[
{
"addon": null,
"created_at": "2023-01-01T00:59:46Z",
"id": "906262a4-e151-45d2-b35a-a2dc0ea9e688",
"token": "d.f14da8cd-108a-228d-b1be-bed8ec2fa1e7",
"updated_at": "2023-01-02T00:59:47Z",
"url": "syslog://logs.example.com"
},
{
"addon": {null,
"created_at": "2023-01-01T21:44:01Z",
"id": "b8c04a36-c914-4ec4-a5bd-eaa8c965d0dd",
"token": "d.0a75c222-f49b-4428-ac2f-a5935fcffd50",
"updated_at": "2028-01-02T21:44:02Z",
"url": "syslog+tls://logs.anotherexample.com"
}
]
Add a Log Drain
To add a log drain to an app, run the following CLI command:
heroku drains:add -a my-app https://logdestination.example.com
We can send logs from Heroku to many third-party logging platforms, which we will discuss in more detail in part four of this series.
Remove a Log Drain
To remove a drain, execute the following command:
heroku drains:remove -a my-app https://logdestination.example.com
Combine Flags in Logs CLI Commands
We can also combine many flags and options when executing Heroku CLI commands. Let’s look at some examples.
Filter by app and specify the number of lines.
heroku logs -a my-app -n 50
Filter by app and dyno.
heroku logs -a my-app -d my-dyno
View logs in real time, filtered by app.
heroku logs -a my-app –tail
Private Space Logging
Private Spaces are used for deploying enterprise-level applications on Heroku. They bring a higher degree of security but less log configuration.
A Heroku Private Space represents an isolated environment within the Heroku platform, similar to the Virtual Private Cloud in platforms such as AWS or GCP. Private Spaces allow you to encapsulate your apps and services for accessibility only from other services within your private subnets. This helps to ensure protection from unauthorized access.
Apps running in Private Spaces run in private dynos, meaning they do not share infrastructure with other dynos. This ensures a major performance boost.
Private Spaces are ideal for applications requiring high levels of security and regulatory compliance. However, keep in mind that not all Heroku regions of the world support Private Spaces. The regions that currently support Private Spaces are the following:
- Virginia
- Oregon
- Dublin
- Frankfurt
- Sydney
- Tokyo
Create a Private Space
We can create a Private Space through the Heroku web UI or the Heroku CLI. The command for creating a Private Space via the CLI is:
heroku spaces:create name-of-space --team my-team --region sydney
Heroku spaces are created in private networks; therefore, we can also specify the CIDR range of the space.
heroku spaces:create–cidr 172.16.0.0./16 --space name-of-space
We need to ensure that we enter a valid CIDR range. Keep in mind that only team administrators can manage CIDR ranges in spaces.
To confirm the space was created successfully, run the following command:
heroku spaces:info --space name-of-space
The above command displays the space information as follows:
=== name-of-space ID: 12345678-abcd-1234-abcd-12345678abcd Team: my-team Region: Sydney, Australia State: allocated Shield: on Outbound IPs: 52.198.127.12, 52.197.133.34, 52.199.6.12, 52.198.222.211 Created at: 2022-12-12T08:38:15Z
Enable Logging in Private Spaces
Private Spaces do not support Logplex. Therefore, integrating logging with Private Spaces requires you to set a third-party logging platform as your log destination.
After setting up a log destination, create a space and specify the log drain:
heroku spaces:create name-of-space --team my-team --region sydney --log-drain-url https://logdestination.example.com
Keep in mind that you cannot turn on logging for a Private Space after it has been created. You must specify the log destination when creating the Private Space.
To retrieve the log destination URL for a Private Space, run the following command:
heroku drains:get --space name-of-space
However, we can update the log drain URL, as shown below:
heroku drains:set https://logcabin.example.com --space name-of-space
Query Logs in Private Spaces
To query your logs for a Private Space, you’ll need to look to your third-party logging backend.
In part four of this series, we’ll cover how to send your Heroku logs (either from your Heroku app or Private Space) to CrowdStrike Falcon LogScale. Then, we’ll discuss querying in further detail.
Benefits of Private Space Logging
By utilizing logging in your Private Space, you can inspect logs from all apps, databases, and other components in the Private Space. Private Space logging provides isolation from other Heroku resources that are not part of the Private Space. This reduces the log noise, making it easier and faster to filter through logs.
Also, developers don’t need to do any log configuration. Private Space logging improves efficiency and reduces tedious tasks for developers. In turn, this allows them to focus on business logic and application code.
Limitations of Private Space Logging
Although Private Space logging offers several benefits to developers, it also has some limitations. First, the log drain URLs must be publicly accessible. You cannot use a log drain that is accessible only via a private connection.
Also, Logplex is disabled when using Private Spaces, so Heroku will not store any logs locally. However, this can be an advantage, as there will be no proxy between the log source and the destination when using drains.
Log your data with CrowdStrike Falcon Next-Gen SIEM
Elevate your cybersecurity with the CrowdStrike Falcon® platform, the premier AI-native platform for SIEM and log management. Experience security logging at a petabyte scale, choosing between cloud-native or self-hosted deployment options. Log your data with a powerful, index-free architecture, without bottlenecks, allowing threat hunting with over 1 PB of data ingestion per day. Ensure real-time search capabilities to outpace adversaries, achieving sub-second latency for complex queries. Benefit from 360-degree visibility, consolidating data to break down silos and enabling security, IT, and DevOps teams to hunt threats, monitor performance, and ensure compliance seamlessly across 3 billion events in less than 1 second.
