DocumentationDiscussions
Documentation
DocumentationDiscussions
These docs are for v2020.2. Click to read the latest docs for v2024.2.

Managing Ingestion

API keys identify and manage applications that log to Seq

Applications logging events to Seq can provide an API key to identify themselves. API keys can be created at the system level (under Settings > API Keys), or for a user's personal access under (username) > API keys.

In addition to granting applications access to the Seq API, API keys can be used to:

  • Tag ingested events with properties allowing them to be inspected and filtered easily
  • Authenticate log sources to prevent accidental or unauthorized writes
  • View the rate of incoming events and raw JSON bytes from a log source
  • Filter events on arrival, including by log level, reducing server load in the case of runaway logging
  • Notify the log source of the desired logging level in order to reduce network traffic

Creating an API Key

📘

These instructions show the screens for managing system API keys; personal API keys are created and managed identically, but enforce high-entropy token generation (specifying tokens is not permitted for personal API keys).

API keys are listed, and created, in the Settings > API Keys screen within Seq.

1280

Selecting Add API key will request a name and other details of the key. Here, the properties to apply, filter, and logging level to advertise can be specified.

1280

👍

API key arrival filters can be a very effective way of reducing log noise.

When the API key is saved, its token will be displayed. This is supplied to the client logging library as part of the application's configuration, for example with Serilog:

Log.Logger = new LoggerConfiguration()
  .WriteTo.Seq("http://my-seq", apiKey: "9fs9V80bjlkgau9adsjH")
  .CreateLogger();

Events arriving from the application will include any applied properties:

1280

👍

How many API keys should I create?

API keys are an easy way to keep track of where events are coming from, and to filter it accordingly.

In general, every distinct application writing to Seq should have its own API key. If the application is deployed in multiple configurations, using a different key for each configuration is also a good idea.

API keys and permissions

API keys can be assigned a subset of permissions from the following options:

  • Ingest - Add events to the event store.
  • Read - Query events, dashboards, signals, app instances, etc.
  • Write - Write-access to signals, alerts, preferences, etc.
  • Setup - Access to administrative features of Seq, management of other users, app installation, backups.

System API keys can have any of the permissions assigned; personal API keys only provide the permissions held by their owner at the time the key is used.

Updated almost 4 years ago