Securing Logs with API Keys

VMware Aria Operations for Logs (SaaS) uses API keys to ensure the security of logs ingested by the VMware Aria Operations for Logs (SaaS) cloud proxy server.

Keys are generated and applied for you except for logs that you send to VMware Aria Operations for Logs (SaaS) through an HTTP POST API call. For these you must create the API key and use the key as an authorization header.

API keys are made up of a nickname and a key value. You can create, regenerate, or delete API keys. The same API key can be used with multiple authorization headers for multiple sources.

screen shot of API Key page

Specifying an API Key for a Log Source

The following curl script illustrates how a key is specified as part of a POST operation. The key shown on the Authorization line has been copied from an API key list on the API Key page:

curl -X POST \
  https://data.mgmt.cloud.vmware.com/le-mans/v1/streams/ingestion-pipeline-stream \
  -H 'Authorization:Bearer wj32145ROzycKFvsIh34aSfz8cONRmZ' \
  -H 'Content-Type:application/json' \
  -H 'structure:default' \
  -d '[{
       "text": "Thu, 01 Mar 2018 20:41:42 GMT Test Payload-test",
       "source": "myhost.vmware.com"
   }]'