The Logging API exposes node, component, and container (task) logs.

The Logging API is backed by the DC/OS Log component, which runs on all nodes in the cluster.

For more information about using the Logging API, see Logging.

For usage examples, see Logging API Examples.


The Logging API preview was added in DC/OS 1.9.0.

Prior to DC/OS 1.9.0, all node, component, and container logs were managed by Logrotate.

In DC/OS 1.9.0, node and component logs are managed by journald. However, the Mesos task journald log sink was disabled due to journald performance issues. So container log files are still accessible via the Mesos task sandbox files API.


Access to the Logging API is proxied through the Admin Router on each node using the following route:


Access to the Logging API of the agent nodes is also proxied through the master nodes:


To determine the address of your cluster, see Cluster Access.


The API request header can be any the following:

  • text/plain, text/html, */* request logs in text format, ending with \n.
  • application/json request logs in JSON format.
  • text/event-stream request logs in Server-Sent-Events format.


All Logging API routes require authentication to use.

To authenticate API requests, see Obtaining an authentication token and Passing an authentication token.

The Logging API also requires authorization via the following permissions:

Route Permission
/system/v1/logs/v0/ dcos:adminrouter:ops:system-logs
/system/v1/agent/{agent_id}/logs/v0/ dcos:adminrouter:system:agent

All routes may also be reached by users with the dcos:superuser permission.

To assign permissions to your account, see Permissions Reference.


The following resources are available under both of the above routes: