Skip to main content
LogFleet uses rate limiting to ensure fair usage and protect the platform from abuse. This guide explains how rate limiting works and how to handle it in your applications.

Rate Limit Overview

Different endpoint groups have different rate limits:
Endpoint GroupRate LimitWindow
Authentication (/auth/*)10 requestsper minute
Dashboard (/dashboard/*)60 requestsper minute
Management (/agents, /api-keys)100 requestsper minute
Streaming (/stream/*)10 requestsper minute
Billing (/billing/*)30 requestsper minute
Metric Configs (/metric-configs/*)100 requestsper minute
Edge API (/edge/*)1000 requestsper minute

Rate Limit Headers

Every API response includes rate limit information: 
HTTP/1.1 200 OK
X-RateLimit-Limit: 100
X-RateLimit-Remaining: 95
X-RateLimit-Reset: 1705312800
HeaderDescription
X-RateLimit-LimitMaximum requests allowed in window
X-RateLimit-RemainingRequests remaining in current window
X-RateLimit-ResetUnix timestamp when the window resets

Handling Rate Limits

When you exceed the rate limit, you’ll receive a 429 Too Many Requests response: 
HTTP/1.1 429 Too Many Requests
Content-Type: application/json
Retry-After: 45

{
  "error": "rate_limit_exceeded",
  "message": "Rate limit exceeded. Try again in 45 seconds.",
  "retry_after": 45
}

Retry Strategy

Implement exponential backoff with jitter: 
async function fetchWithRetry(url, options, maxRetries = 3) {
  for (let attempt = 0; attempt < maxRetries; attempt++) {
    const response = await fetch(url, options);

    if (response.status !== 429) {
      return response;
    }

    const retryAfter = parseInt(response.headers.get('Retry-After') || '60');
    const jitter = Math.random() * 1000; // 0-1 second jitter
    const delay = (retryAfter * 1000) + jitter;

    console.log(`Rate limited. Retrying in ${delay}ms...`);
    await new Promise(resolve => setTimeout(resolve, delay));
  }

  throw new Error('Max retries exceeded');
}

Best Practices

1. Monitor Rate Limit Headers

Track your remaining quota and slow down before hitting limits: 
function checkRateLimit(response) {
  const remaining = parseInt(response.headers.get('X-RateLimit-Remaining'));
  const limit = parseInt(response.headers.get('X-RateLimit-Limit'));

  if (remaining < limit * 0.1) {
    console.warn(`Rate limit warning: ${remaining}/${limit} remaining`);
  }
}

2. Batch Requests

When possible, use batch endpoints instead of individual requests: 
# Instead of multiple individual requests
GET /api/v1/agents/id1
GET /api/v1/agents/id2
GET /api/v1/agents/id3

# Use list with filters
GET /api/v1/agents?ids=id1,id2,id3

3. Cache Responses

Cache responses that don’t change frequently: 
const cache = new Map();
const CACHE_TTL = 60000; // 1 minute

async function getCachedOrFetch(url, options) {
  const cached = cache.get(url);
  if (cached && Date.now() - cached.timestamp < CACHE_TTL) {
    return cached.data;
  }

  const response = await fetch(url, options);
  const data = await response.json();

  cache.set(url, { data, timestamp: Date.now() });
  return data;
}

4. Use Webhooks

For real-time updates, use webhooks instead of polling: 
# Instead of polling every second
while true; do
  curl https://api.logfleet.io/api/v1/agents
  sleep 1
done

# Configure a webhook to receive updates
POST /api/v1/webhooks
{
  "url": "https://your-app.com/webhook",
  "events": ["agent.status_changed"]
}

Edge API Rate Limits

Edge agents have higher rate limits (1000 req/min) to accommodate:
  • Heartbeats every 30 seconds
  • Metrics every 60 seconds
  • Config syncs every 60 seconds
With multiple agents, ensure your total request rate stays within limits:
AgentsHeartbeats/minMetrics/minConfig/minTotal/min
1020101040
501005050200
100200100100400
50010005005002000 ⚠️
If you have more than ~300 agents, contact support to discuss rate limit increases.

Rate Limits by Plan

Higher-tier plans have increased rate limits:
PlanManagementDashboardEdge API
Free100/min60/min1000/min
Pro500/min300/min5000/min
EnterpriseCustomCustomCustom

Troubleshooting

  1. Check if you have retry loops without proper backoff
  2. Verify you’re not making duplicate requests
  3. Review the X-RateLimit-Remaining header to see your usage
  4. Consider caching frequently-accessed data
  1. Verify heartbeat/metrics intervals aren’t too aggressive
  2. Check total agent count vs. edge API limits
  3. Ensure agents aren’t retrying failed requests too quickly
  4. Contact support if you need higher limits
Enterprise customers can request custom rate limits. Contact [email protected] with:
  • Your organization ID
  • Current usage patterns
  • Required limits and justification