> ## Documentation Index
> Fetch the complete documentation index at: https://bunnynet-cb9733c2-support-migration.mintlify.site/llms.txt
> Use this file to discover all available pages before exploring further.

# Log Forwarding

> Forward CDN access logs in real-time to your Syslog endpoint for monitoring and analysis.

# What is Log Forwarding?

Log Forwarding enables you to receive raw logs in real-time to the configured Syslog destination. There might be up to a 10-30 second delay between an actual request and the log hitting your Syslog endpoint.

# Log format

The logs are sent in the standard Syslog RFC 5424 format. The log value is formatted in the [bunny.net Log Format](/cdn/logging). An example log would look like this:

```bash theme={null}
<165>1 2021-01-01T22:14:15.003Z mymachine.example.com evntslog - ID47 [exampleSDID@32473 iut="3" eventSource="BunnyCDN" eventID="1011"] BOMHIT|200|1507167062421|412|390|163.172.53.229|-|https://bunnycdn.b-cdn.net/assets/landingpage/images/cdn-video-preview-from-a-blue-moon.m4v|WA|Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.146 Safari/537.36|322b688bd63fb63f2babe9de30a5d262|DE
```

<Info>
  ### UDP reliability

  The UDP protocol is unaware of lost packets and does not contain an auto-retry mechanism. This means that in a case of packet loss or connectivity issue between your forwarding endpoint and our logging service, some packets might get lost on the way.

  While this is likely a rare occurrence, it is important to keep in mind in case your logging relies on receiving 100% of the requests.
</Info>

<Warning>
  ### UDP security

  The [UDP protocol](https://bunny.net/academy/network/what-is-user-datagram-protocol-udp-and-how-does-it-work) does not provide a layer of security. This means all the logs are sent to your endpoint in a raw, unencrypted form. While unlikely, please note that those might be vulnerable to a potential **man-in-the-middle attack** if you send critical information as part of your logs.
</Warning>

<Danger>
  Please note: We aim to forward all logs, but cannot guarantee 100% delivery due to transient network issues. For precise reporting, use the CDN Logging API or Statistics API.
</Danger>

# How to configure Log Forwarding?

To enable realtime Log Forwarding, you can follow the following steps:

1. Visit your **Pull Zone** details page
2. Open the **Security** panel in the left-side menu
3. Open the **Logging** panel inside of the Security panel
4. Make sure that the **Enable Logging** feature is enabled
5. Enable the **Enable Log Forwarding** feature
6. Enter the **Hostname** of your Syslog endpoint. This can be either an IP or a host address where your listening server is enabled.
7. Enter the **Port** of your Syslog endpoint. Make sure the port is open to the internet, as otherwise our servers will not be able to reach you
8. (Optional) Configure the token
9. Click on the **Save Forwarding Configuration** button
10. Fire up a couple of requests to bunny.net and monitor your endpoint for new logs