Logs Router overview

This page describes the Logs Router in Stackdriver Logging.

How Stackdriver routes logs

In Stackdriver Logging, all logs, including audit logs, platform logs, and user logs, are sent to the Stackdriver Logging API where they pass through the Logs Router. The Logs Router checks each log entry against existing rules to determine which log entries to discard, which log entries to ingest (store) in Stackdriver Logging, and which log entries to include in exports.

Figure illustrating how Stackdriver routes logs entries.

For explanations of the concepts found in the diagram, including logs exclusions and log sinks, read the Stackdriver Logging documentation.

Log entries that match a log sink query are exported to sink destinations, rather than being stored or discarded. Logging supports three export destinations: BigQuery, Pub/Sub, and Cloud Storage. Exports can be set up at the Google Cloud project level, or at the organization or folder levels using aggregated exports.

To reliably export logs to Cloud Storage, the Logs Router also stores the logs temporarily, which buffers against temporary disruptions on any log sink. Note that the Logs Router's temporary storage is distinct from the longer term storage provided for included log entries.

You can enable customer-managed encryption keys (CMEK) for the Logs Router to help meet your organization's compliance needs. For details, go to Enabling customer-managed encryption keys for Logs Router.

Was this page helpful? Let us know how we did:

Send feedback about...

Stackdriver Logging Documentation