Auth0 Log Stream Working in One Tenant but Failing in Another

Overview

A Log Stream with the same type, endpoints, and field values has been created on two tenants in different environments. One streams logs successfully, while the other returns errors, most commonly a timeout:

HTTP request to <redacted-customer-endpoint> exceeded 5 seconds limit

Applies To
  • Log Streams
  • IP
  • Allowlist
  • Private Cloud

Cause

Auth0 has a 5-second timeout for Log Stream delivery, which is hardcoded and cannot be changed. The Log Stream service may require Auth0 IPs to be allowlisted for the endpoint to be accessible, and the IPs may differ if the two tenants are in different environments/regions.

Solution

According to the Private Cloud tenants documentation, the IP addresses that must be allowed through the firewall are unique to the tenant’s environment. These IP addresses are known as "Primary Egress IPs" and are listed under the environment’s configuration data available in the Auth0 Support Center.

Public cloud tenants may also differ in IPs if they are in different regions. For these tenants, the list of IPs can be found by consulting the Auth0 IP Addresses for Allow Lists documentation.
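
The check below is an added example, not part of the original article or any Auth0 tooling: it compares each tenant's egress IP list against the allowlist on the receiving endpoint's firewall and reports the addresses that no rule covers. The tenant names, IP addresses (documentation ranges) and allowlist entries are constructed placeholders; substitute the values from the Support Center or the Allow Lists documentation.

```python
import ipaddress

# Constructed sample data (RFC 5737 documentation ranges), not real Auth0 IPs.
# Replace with the published list for each tenant's environment or region.
EGRESS_IPS = {
    "tenant-dev (region A)": ["192.0.2.10", "192.0.2.11", "198.51.100.7"],
    "tenant-prod (region B)": ["203.0.113.20", "203.0.113.21", "198.51.100.7"],
}

# Constructed firewall allowlist protecting the log receiver endpoint.
ALLOWLIST = ["192.0.2.0/28", "198.51.100.7/32"]


def parse_allowlist(entries):
    """Parse allowlist entries (single IPs or CIDRs) into network objects."""
    return [ipaddress.ip_network(e.strip(), strict=False) for e in entries]


def uncovered(egress_ips, allowlist):
    """Return the egress IPs that no allowlist entry covers, in input order."""
    nets = parse_allowlist(allowlist)
    missing = []
    for raw in egress_ips:
        ip = ipaddress.ip_address(raw.strip())
        # Compare only within the same IP version (IPv4 vs IPv6).
        if not any(ip.version == n.version and ip in n for n in nets):
            missing.append(str(ip))
    return missing


def audit(egress_by_tenant, allowlist):
    """Map each tenant to the egress IPs the allowlist would not admit."""
    return {t: uncovered(ips, allowlist) for t, ips in egress_by_tenant.items()}


if __name__ == "__main__":
    for tenant, missing in audit(EGRESS_IPS, ALLOWLIST).items():
        status = "OK" if not missing else "MISSING: " + ", ".join(missing)
        print(f"{tenant}: {status}")
```

With the constructed data, the first tenant is fully covered while the second has two egress IPs outside the allowlist, which matches the symptom of one stream working and the other timing out.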

If timeouts still occur even after allowlisting the correct Auth0 IPs, the cause may be a misconfigured firewall that continues to block traffic it interprets as suspicious, or network latency between Auth0 and the endpoint.
