> ## Documentation Index
> Fetch the complete documentation index at: https://cockroachlabs.mintlify.site/llms.txt
> Use this file to discover all available pages before exploring further.

# Delete the Log Export configuration for a cluster

> Can be used by the following roles assigned at the organization, folder or cluster scope:
- ORG_ADMIN
- CLUSTER_ADMIN
- CLUSTER_OPERATOR_WRITER


<Note>This endpoint is in **Preview** and subject to change. Refer to the [API support policy](https://www.cockroachlabs.com/docs/stable/api-support-policy) for more details.</Note>


## OpenAPI

````yaml /openapi/cloud/latest.json delete /api/v1/clusters/{cluster_id}/logexport
openapi: 3.0.0
info:
  contact:
    email: support@cockroachlabs.com
    name: Cockroach Labs Support
    url: https://support.cockroachlabs.com
  description: An API for managing CockroachDB Cloud resources
  title: CockroachDB Cloud API
  version: '2024-09-16'
servers:
  - url: https://cockroachlabs.cloud
security:
  - Bearer: []
tags:
  - name: SCIM
  - name: Organizations
  - name: Clusters
  - name: Cluster Disruption
  - name: SQL Users
  - name: SQL Privilege Grants
  - name: Databases
  - name: Customer-managed Encryption Keys
  - name: Client CA Certificates
  - name: Cluster SSO
  - name: Log Export
  - name: Metric Export
  - name: Audit Logs
  - name: IP Allowlists
  - name: Egress Rules
  - name: Billing
  - name: Maintenance Windows
  - name: Blackout Windows
  - name: Role Management
  - name: Service Accounts
  - name: API Keys
  - name: Folders
  - name: Version Deferral
  - name: JWT Issuers
  - name: OpenID Connect Configuration
  - name: Private Endpoint Services
  - name: PCI
  - name: Physical Cluster Replication
  - name: Plan Migrations
  - name: Backup/Restore
  - name: Egress Private Endpoints
  - name: Multifactor Authentication
externalDocs:
  description: Use the CockroachDB Cloud API
  url: https://www.cockroachlabs.com/docs/cockroachcloud/cloud-api.html
paths:
  /api/v1/clusters/{cluster_id}/logexport:
    delete:
      tags:
        - Log Export
      summary: Delete the Log Export configuration for a cluster
      description: >
        Can be used by the following roles assigned at the organization, folder
        or cluster scope:

        - ORG_ADMIN

        - CLUSTER_ADMIN

        - CLUSTER_OPERATOR_WRITER
      operationId: CockroachCloud_DeleteLogExport
      parameters:
        - name: cluster_id
          in: path
          required: true
          schema:
            type: string
      responses:
        '200':
          description: A successful response.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/LogExportClusterInfo'
        '400':
          description: Returned when a request field is invalid.
          content:
            application/json:
              schema: {}
        '401':
          description: Returned when the token bearer cannot be authenticated.
          content:
            application/json:
              schema: {}
        '403':
          description: >-
            Returned when the user does not have permission to access the
            resource.
          content:
            application/json:
              schema: {}
        '404':
          description: Returned when the resource does not exist.
          content:
            application/json:
              schema: {}
        '500':
          description: Server error
          content:
            application/json:
              schema: {}
        default:
          description: An unexpected error response.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Status'
      x-codeSamples:
        - lang: Shell + Curl
          source: |-
            curl --request DELETE \
              --url https://cockroachlabs.cloud/api/v1/clusters/{cluster_id}/logexport \
              --header 'Authorization: Bearer REPLACE_BEARER_TOKEN'
components:
  schemas:
    LogExportClusterInfo:
      description: |-
        LogExportClusterInfo contains a package of information that fully
        describes both the intended state of the log export configuration for
        a specific cluster but also some metadata around its deployment
        status, any error messages, and some timestamps.
      type: object
      properties:
        cluster_id:
          type: string
        created_at:
          type: string
          format: date-time
        spec:
          $ref: '#/components/schemas/LogExportClusterSpecification'
        status:
          $ref: '#/components/schemas/LogExportStatus'
        updated_at:
          type: string
          format: date-time
        user_message:
          type: string
    Status:
      type: object
      properties:
        code:
          format: int32
          type: integer
        details:
          type: array
          items:
            $ref: '#/components/schemas/Any'
        message:
          type: string
    LogExportClusterSpecification:
      description: |-
        LogExportClusterSpecification contains all the data necessary to
        configure log export for an individual cluster. Users would supply
        this data via the API and also receive it back when inspecting the
        state of their log export configuration.
      type: object
      properties:
        auth_principal:
          description: |-
            auth_principal is either the AWS Role ARN that identifies a role
            that the cluster account can assume to write to CloudWatch or the
            GCP Project ID that the cluster service account has permissions to
            write to for cloud logging.
          type: string
        aws_external_id:
          description: >-
            aws_external_id, if set, is included when assuming the IAM role.
            Supported for

            Advanced clusters on AWS only.
          type: string
        azure_shared_key:
          description: >-
            The primary or the secondary connected sources client authentication
            key.

            This is used to export logs to Azure Log Analytics.
          type: string
        groups:
          description: |-
            groups is a collection of log group configurations to customize
            which CRDB channels get aggregated into different groups at the
            target sink. Unconfigured channels will be sent to the default
            locations via the settings above.
          type: array
          items:
            $ref: '#/components/schemas/LogExportGroup'
        log_name:
          description: log_name is an identifier for the logs in the customer's log sink.
          type: string
        omitted_channels:
          description: >-
            omitted_channels is a list of channels that the user does not want
            to

            export logs for.
          type: array
          items:
            type: string
        redact:
          description: |-
            redact controls whether logs are redacted before forwarding to
            customer sinks. By default they are not redacted.
          type: boolean
        region:
          description: |-
            region controls whether all logs are sent to a specific region in
            the customer sink. By default, logs will remain their region of
            origin depending on the cluster node's region.
          type: string
        type:
          $ref: '#/components/schemas/LogExportType'
    LogExportStatus:
      description: |-
        LogExportStatus encodes the possible states that a configuration can
        be in as it is created, deployed, and disabled.
      type: string
      enum:
        - DISABLED
        - DISABLING
        - DISABLE_FAILED
        - ENABLED
        - ENABLING
        - ENABLE_FAILED
        - CREDENTIALS_ERROR
    Any:
      description: >-
        `Any` contains an arbitrary serialized protocol buffer message along
        with a

        URL that describes the type of the serialized message.


        In its binary encoding, an `Any` is an ordinary message; but in other
        wire

        forms like JSON, it has a special encoding. The format of the type URL
        is

        described on the `type_url` field.


        Protobuf APIs provide utilities to interact with `Any` values:


        - A 'pack' operation accepts a message and constructs a generic `Any`
        wrapper
          around it.
        - An 'unpack' operation reads the content of an `Any` message, either
        into an
          existing message or a new one. Unpack operations must check the type of the
          value they unpack against the declared `type_url`.
        - An 'is' operation decides whether an `Any` contains a message of the
        given
          type, i.e. whether it can 'unpack' that type.

        The JSON format representation of an `Any` follows one of these cases:


        - For types without special-cased JSON encodings, the JSON format
          representation of the `Any` is the same as that of the message, with an
          additional `@type` field which contains the type URL.
        - For types with special-cased JSON encodings (typically called
        'well-known'
          types, listed in https://protobuf.dev/programming-guides/json/#any), the
          JSON format representation has a key `@type` which contains the type URL
          and a key `value` which contains the JSON-serialized value.

        The text format representation of an `Any` is like a message with one
        field

        whose name is the type URL in brackets. For example, an `Any` containing
        a

        `foo.Bar` message may be written `[type.googleapis.com/foo.Bar] { a: 2
        }`.
      type: object
      properties:
        '@type':
          description: >-
            Identifies the type of the serialized Protobuf message with a URI
            reference

            consisting of a prefix ending in a slash and the fully-qualified
            type name.


            Example: type.googleapis.com/google.protobuf.StringValue


            This string must contain at least one `/` character, and the content
            after

            the last `/` must be the fully-qualified name of the type in
            canonical

            form, without a leading dot. Do not write a scheme on these URI
            references

            so that clients do not attempt to contact them.


            The prefix is arbitrary and Protobuf implementations are expected to

            simply strip off everything up to and including the last `/` to
            identify

            the type. `type.googleapis.com/` is a common default prefix that
            some

            legacy implementations require. This prefix does not indicate the
            origin of

            the type, and URIs containing it are not expected to respond to any

            requests.


            All type URL strings must be legal URI references with the
            additional

            restriction (for the text format) that the content of the reference

            must consist only of alphanumeric characters, percent-encoded
            escapes, and

            characters in the following set (not including the outer backticks):

            `/-.~_!$&()*+,;=`. Despite our allowing percent encodings,
            implementations

            should not unescape them to prevent confusion with existing parsers.
            For

            example, `type.googleapis.com%2FFoo` should be rejected.


            In the original design of `Any`, the possibility of launching a type

            resolution service at these type URLs was considered but Protobuf
            never

            implemented one and considers contacting these URLs to be
            problematic and

            a potential security issue. Do not attempt to contact type URLs.
          type: string
      additionalProperties: {}
    LogExportGroup:
      description: |-
        LogExportGroup contains an export configuration for a single
        log group which can route logs for a subset of CRDB channels.
      type: object
      properties:
        channels:
          description: |-
            channels is a list of CRDB log channels to include in this
            group.
          type: array
          items:
            type: string
        enable_sending_queue:
          description: |-
            enable_sending_queue enables the sending queue for logs in this
            group. Only one group can have enable_sending_queue enabled.
          type: boolean
        log_name:
          description: log_name is the name of the group, reflected in the log sink.
          type: string
        min_level:
          $ref: '#/components/schemas/LogLevel.Type'
        redact:
          description: |-
            redact is a boolean that governs whether this log group
            should aggregate redacted logs. Redaction settings will
            inherit from the cluster log export defaults if unset.
          type: boolean
      required:
        - log_name
        - channels
    LogExportType:
      description: |-
        LogExportType encodes the cloud selection that we're exporting to
        along with the cloud logging platform.

        Currently, each cloud has a single logging platform.
      type: string
      enum:
        - AWS_CLOUDWATCH
        - GCP_CLOUD_LOGGING
        - AZURE_LOG_ANALYTICS
    LogLevel.Type:
      description: |2-
         - UNSPECIFIED: The unspecified log level includes all logs.
         - WARNING: The WARNING severity is used for situations which may require
        special handling, where normal operation is expected to resume
        automatically.
         - ERROR: The ERROR severity is used for situations that require special
        handling, where normal operation could not proceed as expected.
        Other operations can continue mostly unaffected.
         - FATAL: The FATAL severity is used for situations that require an
        immediate, hard server shutdown. A report is also sent to
        telemetry if telemetry is enabled.
      type: string
      enum:
        - UNSPECIFIED
        - WARNING
        - ERROR
        - FATAL
  securitySchemes:
    Bearer:
      type: http
      scheme: bearer

````