What is Log Forwarding?


Log forwarding is the practice of sending audit logs from the MCP proxy to external logging systems — such as SIEM platforms, S3 buckets, or Elasticsearch clusters — for centralised analysis, correlation, and long-term storage.

WHY IT MATTERS

An MCP proxy generates valuable security data — every tool call, every policy decision, every denial. But that data is only useful if it reaches the systems where security teams can analyse it. A proxy running in isolation, logging to its own local storage, creates an information silo. Security teams can't correlate agent behaviour with other system events, compliance teams can't include agent logs in their audit reports, and incident responders can't search agent activity alongside application and infrastructure logs.

Log forwarding solves this by shipping proxy logs to centralised platforms in real time or near-real time. The most common destinations are SIEM systems (Splunk, Datadog, Elastic Security) for security monitoring, object storage (S3, GCS) for long-term retention, and log aggregation platforms (Elasticsearch, Loki) for search and analysis.

The forwarding mechanism matters. Reliable log forwarding must handle network interruptions (buffering logs locally when the destination is unavailable), ensure ordering (so events can be reconstructed chronologically), and support structured formats (JSON, CEF) so downstream systems can parse and index the data without custom transformations.


HOW POLICYLAYER USES THIS

PolicyLayer emits structured decision logs in JSON format, designed for forwarding to external systems. Logs can be sent to stdout for collection by container-native log agents (Fluentd, Vector, Filebeat), written to files for traditional log shippers, or sent directly to HTTP endpoints. The structured format includes all fields needed for downstream indexing — tool name, arguments, policy file, rule matched, decision, timestamp, and agent identity — so SIEM systems can create dashboards and alerts without custom parsing.

FREQUENTLY ASKED QUESTIONS

What log format does PolicyLayer use?
PolicyLayer emits structured JSON logs containing the tool call details, policy evaluation result, matched rule, and metadata. This format is natively supported by most log aggregation platforms and SIEM systems without custom parsers.
What happens if the log destination is unavailable?
Best practice is to use a log shipping agent (Fluentd, Vector) that buffers logs locally when the destination is unreachable and replays them when connectivity is restored. This prevents log loss during network interruptions without affecting proxy performance.
Can I forward logs to multiple destinations?
Yes. Using a log router like Vector or Fluentd, you can fan out PolicyLayer logs to multiple destinations simultaneously — for example, Splunk for security monitoring and S3 for long-term compliance retention.
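The three mechanism requirements above (local buffering during an outage, chronological ordering, structured JSON), the decision-log fields listed under HOW POLICYLAYER USES THIS, and the fan-out to several destinations from the last answer, brought together in one added Python example. This is illustrative code written for this page, not PolicyLayer's own logger or shipper; the exact field names, the spool-file layout, the sequence-number scheme and the simulated flaky destination are assumptions.

```python
import json
import tempfile
from pathlib import Path
from typing import Callable, Dict, List, Optional

# Fields a decision log must carry before it is shipped (assumed minimum set,
# modelled on the fields this page lists: tool, decision, timestamp, agent identity).
REQUIRED_FIELDS = ("timestamp", "agent", "tool", "decision")


def serialize_decision(record: Dict, seq: int) -> str:
    """One compact JSON line per decision; `seq` lets a receiver restore order after a replay."""
    missing = [f for f in REQUIRED_FIELDS if f not in record]
    if missing:
        raise ValueError(f"decision log missing fields: {missing}")
    return json.dumps({"seq": seq, **record}, sort_keys=True, separators=(",", ":"))


class SpooledForwarder:
    """Delivers JSON lines to one destination, spooling to a local file while it is down.

    The spool is replayed oldest-first before any new line is sent, so the
    destination always sees events in the order they were produced.
    """

    def __init__(self, send: Callable[[str], None], spool_path: Path):
        self.send = send              # delivers one line; raises ConnectionError on failure
        self.spool_path = spool_path  # assumed layout: newline-delimited JSON, append-only

    def _spool(self, line: str) -> None:
        with self.spool_path.open("a", encoding="utf-8") as fh:
            fh.write(line + "\n")

    def pending(self) -> int:
        if not self.spool_path.exists():
            return 0
        return len(self.spool_path.read_text(encoding="utf-8").splitlines())

    def _replay_spool(self) -> int:
        """Send the backlog in order; keep whatever is still undelivered. Returns lines sent."""
        if not self.spool_path.exists():
            return 0
        lines = self.spool_path.read_text(encoding="utf-8").splitlines()
        for i, line in enumerate(lines):
            try:
                self.send(line)
            except ConnectionError:
                self.spool_path.write_text("\n".join(lines[i:]) + "\n", encoding="utf-8")
                return i
        self.spool_path.unlink()
        return len(lines)

    def forward(self, line: str) -> bool:
        """True if the line reached the destination now, False if it was spooled."""
        self._replay_spool()
        if self.pending():            # destination still down: queue behind the backlog
            self._spool(line)
            return False
        try:
            self.send(line)
            return True
        except ConnectionError:
            self._spool(line)
            return False


class Router:
    """Fans each decision out to several destinations, each with its own spool,
    so an outage at one (say, the SIEM) never delays delivery to another (say, S3)."""

    def __init__(self, destinations: Dict[str, SpooledForwarder]):
        self.destinations = destinations
        self.seq = 0                  # assigned once at the source, shared by all copies

    def route(self, record: Dict) -> Dict[str, bool]:
        self.seq += 1
        line = serialize_decision(record, self.seq)
        return {name: fwd.forward(line) for name, fwd in self.destinations.items()}


class FlakyDestination:
    """Constructed stand-in for an HTTP collector; refuses lines while `up` is False."""

    def __init__(self):
        self.up = True
        self.received: List[Dict] = []

    def send(self, line: str) -> None:
        if not self.up:
            raise ConnectionError("destination unreachable")
        self.received.append(json.loads(line))


def demo(spool_dir: Optional[Path] = None) -> Dict:
    """Drive four constructed decisions through a SIEM outage spanning events 2 and 3."""
    spool_dir = spool_dir or Path(tempfile.mkdtemp())
    siem, archive = FlakyDestination(), FlakyDestination()
    router = Router({
        "siem": SpooledForwarder(siem.send, spool_dir / "siem.spool"),
        "archive": SpooledForwarder(archive.send, spool_dir / "archive.spool"),
    })
    base = {"agent": "agent-42", "policy_file": "default.yaml"}   # constructed identity/policy
    events = [  # (timestamp, tool, decision, matched rule); all values are constructed
        ("2024-01-01T00:00:01Z", "read_file", "allow", "allow-readonly"),
        ("2024-01-01T00:00:02Z", "run_shell", "deny", "deny-shell"),
        ("2024-01-01T00:00:03Z", "run_shell", "deny", "deny-shell"),
        ("2024-01-01T00:00:04Z", "send_email", "require_approval", "approval-outbound"),
    ]
    statuses = []
    for n, (ts, tool, decision, rule) in enumerate(events, start=1):
        siem.up = n not in (2, 3)     # SIEM unreachable for events 2 and 3, back for 4
        statuses.append(router.route({**base, "timestamp": ts, "tool": tool,
                                      "decision": decision, "rule": rule}))
    return {
        "statuses": statuses,
        "siem_seqs": [r["seq"] for r in siem.received],
        "archive_seqs": [r["seq"] for r in archive.received],
        "siem_pending": router.destinations["siem"].pending(),
    }


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Running `demo()` shows the behaviour the section asks for: the archive destination receives all four events immediately, the SIEM receives event 1, spools 2 and 3 while it is down, and on event 4 the backlog is replayed before the new line, so both receivers end up with sequence numbers 1 through 4 in order and the SIEM spool is empty. In a real deployment the `send` callable would be an HTTP client and the spool would live on persistent disk so a restart does not lose buffered decisions.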
