Ingest Tokens

Ingest Tokens are unique per-repository tokens that allow you to send data to a specific repository.

You need to Generate a Token and then used the token when configuring data ingestion to your repositories, see Log Shippers or Ingest API for details on how they are used in different ingest methods..

Ingest Tokens can only be used to ingest data, meaning you cannot use them to query Humio, log in, or read any data.

Ingest tokens are tied to a repository not a user. This provides a better way of managing access control and is more convenient for most use cases. For example, if a user leaves the organization or project, you do not need to reprovision all agents that send data with a new token. You also don't have to create fake user accounts.

Additionally Humio provides the possibility to generate Personal API Tokens which are user specific tokens aimed at admin tasks. Personal API Tokens should not be used to ingest data.

Generating Ingest Tokens and Assigning Parsers

From the Repository Settings page you can manage ingest tokens and assign a parser to a token. For more information on the actions you can perform from the repositories settings page see Basic Information.

Generate Token

Figure 33. Generate Token


Generate a Token

  1. Select a repository from the repositories and views page and click Settings on the menu.

  2. To add a token to this repository, click Ingest tokens under Ingest.

  3. Click + Add Token. You will be prompted to provide a token name to identify the token. You may want to use this to identify the token you have assigned to a specific host, data source, log type or other identifier.

  4. You can optionally set an Assigned Parser by selecting a parser from the pop-up list. For more information on parsers see Parsers.

  5. Click + Save.

Important

Your API token is only revealed once at creation. Although you cannot view a token that has already been created, you can always generate a new token.

Edit a Token

You can edit the parser assigned to a token by editing a token.

  1. Select a repository from the repositories and views page and click Settings on the menu.

  2. To edit a token, click Ingest tokens under Ingest.

  3. Click the three dots icon next the token you want to edit and click Edit token. Editing the token allows you to modify the assigned parser. once you have made the required changes click Save.

Delete a Token

You can delete a token but note that deleting the token will prevent any existing ingest processes using that token to ingest data to Humio.

  1. Select a repository from the repositories and views page and click Settings on the menu.

  2. To delete a token, click Ingest tokens under Ingest.

  3. Click the three dots icon next the token you want to delete and click Delete token. Click Confirm to permently delete the token.

Custom Tokens

We highly recommended you use automatically generated tokens whenever possible, but custom ingest tokens can be useful in cases where you already have a token in use and want Humio to accept it, or where the log shipper requires tokens in a format that is not compatible with the ones automatically generated by Humio.

Generally, ingest tokens should be sufficiently complex such that they are not easy to guess. When creating custom ingest tokens, it is your responsibility to ensure this.

To use custom tokens, the feature "CustomTokens" must first be enabled. This can be done by making the following GraphQL mutation (see GraphQL API

graphql
mutation {
    enableFeature(feature: CustomIngestTokens)
}

Once enabled, root users can then create custom tokens via the GraphQL API:

graphql
mutation {
    addIngestTokenV3(
        repositoryName: "sandbox",
        name: "MyIngestToken",
        parser: "kv",
        customToken: "3413c26781c287f289895883e8e45315",
    ) {
        ingestToken {
            name
           token
        }
    }
}