Admin Guide
System administration and maintenance
This guide covers administrative tasks for managing your Glintlog installation.
Admin Panel
Access the admin panel at http://localhost:8080/admin (requires admin role).
The admin panel provides:
- System metrics (CPU, memory, uptime)
- Storage statistics
- User management
- API key management
- Settings configuration
- Log retention management
User Management
Creating Users
curl -X POST http://localhost:8080/api/v1/admin/users \
-H "Authorization: Bearer YOUR_ADMIN_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"email": "developer@example.com",
"password": "secure-password",
"role": "user"
}'Listing Users
curl http://localhost:8080/api/v1/admin/users \
-H "Authorization: Bearer YOUR_ADMIN_TOKEN"Deleting Users
curl -X DELETE http://localhost:8080/api/v1/admin/users/user_id \
-H "Authorization: Bearer YOUR_ADMIN_TOKEN"API Key Management
Create API Key
curl -X POST http://localhost:8080/api/v1/admin/api-keys \
-H "Authorization: Bearer YOUR_ADMIN_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"name": "production-ingest",
"description": "Production log ingestion"
}'List API Keys
curl http://localhost:8080/api/v1/admin/api-keys \
-H "Authorization: Bearer YOUR_ADMIN_TOKEN"Revoke API Key
curl -X DELETE http://localhost:8080/api/v1/admin/api-keys/ak_abc123 \
-H "Authorization: Bearer YOUR_ADMIN_TOKEN"Storage Management
View Storage Statistics
curl http://localhost:8080/api/v1/admin/storage \
-H "Authorization: Bearer YOUR_ADMIN_TOKEN"Response:
{
"database_size_bytes": 52428800,
"partitions": [
{"name": "logs_2024_01_15", "row_count": 15234, "size_bytes": 5242880},
{"name": "logs_2024_01_14", "row_count": 12000, "size_bytes": 4194304}
]
}Database Compaction
Trigger manual compaction to reclaim space:
curl -X POST http://localhost:8080/api/v1/admin/compact \
-H "Authorization: Bearer YOUR_ADMIN_TOKEN"Manual Log Deletion
Delete logs within a specific time range:
curl -X DELETE "http://localhost:8080/api/v1/admin/logs?start=2024-01-01T00:00:00Z&end=2024-01-07T23:59:59Z" \
-H "Authorization: Bearer YOUR_ADMIN_TOKEN"Retention Configuration
View Current Settings
curl http://localhost:8080/api/v1/admin/settings \
-H "Authorization: Bearer YOUR_ADMIN_TOKEN"Update Retention
curl -X PUT http://localhost:8080/api/v1/admin/settings \
-H "Authorization: Bearer YOUR_ADMIN_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"retention_days": 60
}'How Retention Works
Glintlog uses daily table partitioning:
- Logs are stored in date-partitioned tables (
logs_YYYY_MM_DD) - A background job runs daily to clean up old partitions
- Partitions older than
retention_daysare dropped entirely - This approach is efficient - no row-by-row deletion
Ingestion Tuning
Batch Configuration
Configure batching for optimal ingestion performance:
curl -X PUT http://localhost:8080/api/v1/admin/settings \
-H "Authorization: Bearer YOUR_ADMIN_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"batch_size": 5000,
"flush_interval": "10s"
}'Recommendations:
| Scenario | Batch Size | Flush Interval |
|---|---|---|
| Low volume (under 100 logs/s) | 1000 | 5s |
| Medium volume (100-1000 logs/s) | 5000 | 5s |
| High volume (over 1000 logs/s) | 10000 | 2s |
Email Configuration
Configure email for password reset functionality:
SMTP
curl -X PUT http://localhost:8080/api/v1/admin/settings \
-H "Authorization: Bearer YOUR_ADMIN_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"email_provider": "smtp",
"smtp_host": "smtp.example.com",
"smtp_port": 587,
"smtp_user": "glintlog@example.com",
"smtp_password": "password",
"smtp_from": "glintlog@example.com"
}'Resend
curl -X PUT http://localhost:8080/api/v1/admin/settings \
-H "Authorization: Bearer YOUR_ADMIN_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"email_provider": "resend",
"resend_api_key": "re_abc123...",
"resend_from": "glintlog@yourdomain.com"
}'Security
JWT Secret Rotation
Rotate the JWT signing secret (invalidates all existing tokens):
curl -X POST http://localhost:8080/api/v1/admin/rotate-jwt-secret \
-H "Authorization: Bearer YOUR_ADMIN_TOKEN"Audit Sessions
View active sessions:
curl http://localhost:8080/api/v1/admin/sessions \
-H "Authorization: Bearer YOUR_ADMIN_TOKEN"IP Logging
Glintlog logs the IP address for each session. Review this in the admin panel to detect suspicious access patterns.
Monitoring
System Metrics
curl http://localhost:8080/api/v1/admin/metrics \
-H "Authorization: Bearer YOUR_ADMIN_TOKEN"Response:
{
"cpu_percent": 12.5,
"memory_percent": 45.2,
"memory_used_bytes": 1073741824,
"goroutines": 42,
"uptime_seconds": 86400
}Health Check
For load balancer health checks:
curl http://localhost:8080/healthBackup and Recovery
Backup
The DuckDB database is stored at ./data/glintlog.db in the working directory where Glintlog is running.
To backup:
# Stop Glintlog (recommended for consistent backup)
# Or use DuckDB's built-in export
cp /var/lib/glintlog/glintlog.db /backup/glintlog-$(date +%Y%m%d).dbRecovery
To restore from backup:
# Stop Glintlog
cp /backup/glintlog-20240115.db /var/lib/glintlog/glintlog.db
# Start GlintlogProduction Checklist
Before deploying to production:
- Set strong admin password
- Configure TLS (use reverse proxy like nginx)
- Set appropriate retention period
- Configure email for password reset
- Set up backups
- Monitor disk space for database growth
- Configure firewall rules for ports 4317/4318
- Create dedicated API keys for each environment
- Review and adjust batch settings for your volume
Troubleshooting
High Memory Usage
- Reduce
batch_size - Increase
flush_interval - Check for runaway queries
Slow Queries
- Add time range filters
- Use service filters
- Check partition sizes
Database Growth
- Reduce
retention_days - Run compaction
- Check for duplicate logs
Ingestion Failures
Check server logs for errors:
journalctl -u glintlog -fOr if running directly:
./glintlog 2>&1 | tee glintlog.log