It never ceases to amaze me that I can be 37,000 feet over the Atlantic in a tin box (writing this blog…) traveling at a speed of 594mph, with an outside temperature of -79F, and yet I can fire log events from my MacBook Air (excuse the pun) to Logentries and see them arrive instantaneously in my live tail view. It makes me wonder what speed the log events are traveling back to our servers at and exactly how quickly they are being processed; a question I will no doubt pose to our engineers once I land!
For some reason something piqued my interest as to whether there may be a firewall blocking traffic out from the Airbus 330… In fact one of the most common questions we get asked by our customers if they have issues sending initial log data is, “how do I check if I need to ask our security team if I am getting blocked due to a firewall issue?”
How to check if your logs are getting blocked by a firewall
A simple way to do this is to use telnet to send some events from your command line to Logentries. To do so, simply do the following:
- Select “Add new log” in the Logentries UI
- Select Manual Configuration
- Give the new log a name
- Select ‘token tcp’ based input
- Make note of the token value provided
The go to your command line and type the following:
$ telnet data.logentries.com 80 TOKEN_VALUE My first log entry at 37000 feet TOKEN_VALUE Traveling faster than a speeding bullet
Or to check port 443 (e.g. if you want to send events securely over SSL):
$ telnet data.logentries.com 443
Update to post thanks to comments by ebekker below: Note telneting to Logentries and sending some data in the clear won’t actually make anything appear (although establishing a connection will prove the firewall isn’t blocking it). You would need to use something like stunnel to proxy your clear text data into an SSL stream.
At the same time, have your live tail view open for the log you set up above. If it’s not blocked by any firewall you’ll see the log events streaming in. If you don’t see anything, you’ll likely have to ask your security team to open up these ports so you can send data out.
Note, if you need to do so, we also provide a list of IP addresses that you can whitelist so you do not need to open up ports to all and sundry.
So that’s exactly what I did on my Boston to Dublin flight. And, with my logs traveling faster than a speeding bullet, low and behold, I see them arriving instantaneously in my Logentries dashboard (see below).
QED – no firewalls at 37,000 feet – well at least not blocking ports 80 and 443!