Skip to content

LogDNA Ingestion Key

Service Name: LogDNA (now Mezmo)

Service Description: LogDNA (rebranded as Mezmo) is a log management platform that helps organizations collect, analyze, and monitor logs from various sources in real-time. It provides powerful search capabilities, customizable dashboards, and alerting features to help teams troubleshoot issues and gain insights from their log data.

Service Address: https://www.mezmo.com/ (formerly logdna.com)

Validation Type: API Auth

IP Allow list: IP restrictions can be configured at the account level through the LogDNA web interface.

Secret Access Scope: Grants the ability to ingest logs into a specific LogDNA account. Ingestion keys allow applications and systems to send log data to LogDNA but do not provide access to view or manage logs.

Secret Revokement URL: https://app.logdna.com/manage/api-keys

Secret Example: 1a2b3c4d5e6f7g8h9i0j1k2l3m4n5o6p

Suspicious Activity Investigation Instructions:

  • Review the LogDNA dashboard for unusual log volume spikes or unexpected sources.
  • Check for logs being sent from unfamiliar IP addresses or hostnames.
  • Examine the LogDNA usage metrics for abnormal ingestion patterns.
  • Review the "Sources" section in LogDNA to identify any unauthorized systems sending logs.
  • Check for any unauthorized applications or services that might be using the ingestion key.

Mitigation Instructions:

  • Log in to your LogDNA/Mezmo account at https://app.logdna.com/.
  • Navigate to Settings > Organization > API Keys.
  • Locate the compromised ingestion key.
  • Click the trash icon next to the key to delete it.
  • Generate a new ingestion key if needed.
  • Update all legitimate applications and systems with the new ingestion key.
  • Consider implementing IP restrictions for your ingestion keys if available.
  • Review and update your secret management practices to prevent future exposures.