Troubleshooting Log Drain Issues
Last updated: June 9, 2025
If you notice your logs have stopped flowing to your logging provider (like Sumo Logic, Papertrail, or Elasticsearch), there are several common causes and solutions to investigate.
Common Causes
Logging Provider Issues
Often, logging interruptions are caused by issues with the logging provider's service:
Check your logging provider's status page (e.g., status.sumologic.com, papertrailstatus.com)
Your provider may be experiencing degraded log collection services
The provider may be throttling log ingestion due to high volume
High Log Volume
Sudden spikes in log volume can cause interruptions:
The log drain may become temporarily overwhelmed
Your logging provider may throttle ingestion
For Elasticsearch destinations, storage exhaustion can cause log rejection
Solutions
Initial Steps
Verify if the issue affects all environments or just specific ones
Check your logging provider's status page for known issues
Monitor if logs resume on their own after provider incidents are resolved
If Issues Persist
Contact Aptible support if:
Logs don't resume after provider incidents are resolved
You need temporary log drain resources increased to handle higher volume
You need missing logs retrieved from Aptible's retention
Aptible retains logs internally and can deliver missing logs on request if needed.
Prevention
To prevent log drain issues:
Monitor log volume and set up alerts for unusual spikes
For Elasticsearch destinations, monitor storage usage and scale before reaching capacity
Consider using multiple log drains for critical environments