Skip to main content
Logwiz exposes a small public HTTP API for ingesting logs into Quickwit and checking service health. All endpoints are served from your Logwiz instance URL and require no additional infrastructure beyond a running Logwiz deployment.

Base URL

All API requests are made to your Logwiz instance. Replace the example below with your own deployment URL. 
https://logs.example.com

Authentication

Ingest endpoints require a bearer token in the Authorization header. 
Authorization: Bearer <your-ingest-token>
Create and revoke ingest tokens in the Logwiz admin panel at Administration → Tokens. Each token is scoped to exactly one index — one token, one index. See Send Logs for the end-to-end setup flow.
The health check endpoint (GET /api/health) does not require authentication.

Content type

When sending log data to the ingest endpoint, set the Content-Type header to application/x-ndjson. The body must be newline-delimited JSON — one JSON object per line. 
Content-Type: application/x-ndjson

Endpoints

MethodPathDescription
POST/api/ingest/{indexId}Ingest one or more log events into a Quickwit index
GET/api/healthCheck the health of Logwiz and its dependencies

Error responses

All error responses return JSON with a message field describing the problem. 
{ "message": "Invalid ingest token" }
StatusMeaning
400Bad request — the body is empty or malformed
401Missing bearer token
403Token is invalid, revoked, or does not match the requested index
404Unknown index — Quickwit has no index with the given ID
413Request body exceeds the 10 MB limit
502Logwiz could not reach Quickwit to forward the request
503Quickwit is unhealthy or unavailable
Logwiz does not apply an application-level rate limit to the ingest endpoint. The LOGWIZ_RATE_LIMIT_WINDOW and LOGWIZ_RATE_LIMIT_MAX variables apply to the authentication endpoints only. Apply your own rate limiting at the reverse proxy or load balancer if you need it.