Authentication tokens

logging24 uses tokens for both ingest and query access. The CLI accepts tokens in three forms: environment references, file references, and raw token strings.

Token types

Read token	Required for `l24 query` and `l24 monitor` .
Write token	Required for `l24 forward` and `l24 import` .

Supported input formats

`env://CUSTOM_VAR_NAME`	Read the token from an environment variable.
`file:///etc/l24/token`	Read the token from a file.
`plain-token-value`	Raw token on the command line. Works, but not recommended.

Recommended usage

export L24_READ_TOKEN='your-read-token'
export L24_WRITE_TOKEN='your-write-token'

l24 query --customer "$L24_CUSTOMER" ".*ERROR.*" env://L24_READ_TOKEN
l24 forward -t env://L24_WRITE_TOKEN tail /var/log/syslog

Security notes

Prefer env:// or file:// over raw command-line tokens.
Raw tokens may end up in shell history and process listings.
Restrict permissions on token files if you use file:// .
Use read tokens for read-only workflows and write tokens only where ingest is required.

Authentication tokens

Token types

Supported input formats

Recommended usage

Security notes

Related links

Log In