HTTP Listener
Overview
HTTP Listener exposes an HTTP endpoint that accepts incoming requests containing log data. External systems can send events or logs to this endpoint.
Supported platforms
- Linux:
Logs - Windows:
Logs - macOS:
Logs
Authentication
HTTP Listener supports multiple authentication methods to verify incoming requests and ensure that only authorized systems can send data to the endpoint.
Authentication is configured using the Credential Type field.
| Parameter | Type | Description |
|---|---|---|
| Credential Type | string | Specifies the authentication mechanism used to validate incoming requests. |
| BearerTokenAuth | option | Enables Bearer Token authentication |
| HmacAuth | option | Enables HMAC-based authentication. Requests must include a valid HMAC signature to verify message integrity and authenticity. |
| HubspotHmacAuth | option | Enables HubSpotHMAC authentication used for validating webhook requests from HubSpot integrations. |
HMAC Authentication
| Parameter | Type | Required | Default | Description |
|---|---|---|---|---|
| Signature Header | string | Yes | — | HTTP header that carries the HMAC signature used to validate the incoming request. |
| Hash Algorithm | string | Yes | sha256 | Hash algorithm used to compute the HMAC signature.(e.g., sha256, sha1 ,sha512) |
| Signature Encoding | string | Yes | hex | Encoding is the signature encoding (e.g., hex, base64) |
| Signature Prefix | string | No | — | Prefix is an optional prefix (e.g., "sha256=") to strip before decoding. |
| HMAC Secret | string | Yes | — | Secret is the shared key used for HMAC |
| Max Body Size | integer | No | 1048576 | MaxBodySize limits how many bytes will be read from the request body for HMAC validation. If zero, a default limit is used.. |
HubSpot HMAC Authentication
| Parameter | Type | Required | Default | Description |
|---|---|---|---|---|
| Signature Header | string | Yes | x-hubspot-signature-v3 | SignatureHeader is the HTTP header that carries the HubSpot v3 signature. |
| Timestamp Header | string | Yes | x-hubspot-request-timestamp | TimestampHeader is the HTTP header that carries the HubSpot request timestamp. |
| HubSpot Client Secret | string | Yes | — | ClientSecret is the HubSpot client secret used for HMAC-SHA256 validation. |
| Max Body Size | integer | No | 1048576 | MaxBodySize limits how many bytes will be read from the request body for HMAC validation. If zero, a default limit is used. |
Basic Configuration
| Parameter | Type | Required | Default | Description |
|---|---|---|---|---|
| endpoint | string | Yes | none | The network address where the source listens for incoming webhook HTTP requests. Example: 0.0.0.0:8080. |
| path | string | Yes | /events | HTTP path used for receiving webhook events. |
| health_path | string | No | /health_check | Path for the health check endpoint. |
Advanced Configuration
TLS
| Parameter | Type | Default Value | Description |
|---|---|---|---|
| enable_tls | bool | false | Enables TLS encryption for incoming webhook HTTP connections. |
| min_version | string | 1.3 | Defines the minimum TLS version accepted for secure connections. Supports TLS 1.2 and above. |
| cert_file | string | none | Path to the TLS certificate file used by the server. |
| key_file | string | none | Path to the TLS private key file used by the server. |
| client_ca_file | string | none | Path to the client CA certificate file used to verify client certificates for mutual TLS (mTLS). |
Timeouts & Limits
| Parameter | Type | Default | Description |
|---|---|---|---|
| read_timeout | duration | 500ms | Maximum wait time while attempting to read a received event. |
| write_timeout | duration | 500ms | Maximum wait time while attempting to write a response. |
| max_request_body_size | integer | 1048576 | Maximum size in bytes for the request body. Requests exceeding this limit will be rejected with an error. |
Log Processing & Headers
| Parameter | Type | Default | Description |
|---|---|---|---|
| split_logs_at_newline | boolean | false | If true, the source creates a separate log record for each line in the request body. |
| split_logs_at_json_boundary | boolean | false | If true, the source parses the request body as JSON and sends each object as a log. Splitting on newline overrides JSON boundary splitting, so enable only one at a time. |
| convert_headers_to_attributes | boolean | false | Adds all request headers as log attributes, excluding required headers if also set. |
| header_attribute_regex | string | none | Adds headers matching the supplied regex as log attributes. Header attributes are prefixed with header. Example: ^X-.*. |
Example Configuration
{
"path": "/events", // required, default: "/events"
"endpoint": "", // required, default: none
"health_path": "/health_check", // default: "/health_check"
"tls": {
"enable_tls": false, // required inside tls, default: false
"cert_file": "", // default: none
"key_file": "", // default: none
"client_ca_file": "", // default: none
"min_version": "1.3", // default: "1.3"
},
"read_timeout": "500ms", // default: "500ms"
"write_timeout": "500ms", // default: "500ms"
"max_request_body_size": 1048576, // default: 1048576
"split_logs_at_newline": false, // default: false
"split_logs_at_json_boundary": false, // default: false
"convert_headers_to_attributes": false, // default: false
"header_attribute_regex": "", // default: none
}