CLB supports configuring layer-7 (HTTP/HTTPS) access logs that can help you better understand client requests, troubleshoot issues, and analyze user behaviors. Currently, access logs can be stored in CLS, reported at a minute granularity, and searched online by multiple rules.
Access logs of CLB are mainly used to quickly locate and troubleshoot issues. The access logging feature includes log reporting, storage, and search:
- Currently, access logs can be stored in CLS only for layer-7 protocols (HTTP/HTTPS) but not layer-4 protocols (TCP/UDP/TCP SSL).
- Configuring CLB access logs to be stored in CLS is now free of charge. You only need to pay for the CLS service.
- Currently, access logs can be stored in CLS in the Guangzhou, Shanghai, Nanjing, Beijing, Chengdu, Chongqing, Hong Kong (China), Singapore, Mumbai, Seoul, Tokyo, Silicon Valley, Virginia, Toronto, and Frankfurt regions through the console or APIs.
The log topics must be configured with indexes; otherwise, no logs can be searched for.
The recommended indexes are as follows:
|Key-Value Index||Field Type||Delimiter|
|server_addr||text||No delimiter required|
|server_name||text||No delimiter required|
|http_host||text||No delimiter required|
The steps are as follows:
[$stgw_request_id] [$time_local] [$protocol_type] [$server_addr:$server_port] [$server_name] [$remote_addr:$remote_port] [$status] [$upstream_addr] [$upstream_status] [$proxy_host] [$request] [$request_length] [$bytes_sent] [$http_host] [$http_user_agent] [$http_referer] [$request_time] [$upstream_response_time] [$upstream_connect_time] [$upstream_header_time] [$tcpinfo_rtt] [$connection] [$connection_requests] [$ssl_handshake_time] [$ssl_cipher] [$ssl_protocol] [$vip_vpcid]
Currently, CLS supports the following three field types:
|long||Integer type (Int 64)|
|double||Floating point type (64-bit)|
|time_local||Access time and time zone, such as "01/Jul/2019:11:11:00 +0800" where "+0800" represents UTC+8, i.e., Beijing time.||text|
|protocol_type||Protocol type (HTTP/HTTPS/SPDY/HTTP2/WS/WSS).||text|
|server_port||CLB VPort, i.e., the listening port.||long|
|server_name||`server_name` of a rule, i.e., the domain name configured in a CLB listener.||text|
|status||Status code returned to client.||long|
|upstream_status||Status code returned by RS to CLB.||text|
|request_length||Number of bytes of request received from client.||long|
|bytes_sent||Number of bytes sent to client.||long|
|http_host||Request domain name, i.e., the host of the HTTP header.||text|
|http_user_agent||`user_agent` field of the HTTP header.||text|
|http_referer||HTTP request source.||text|
|request_time||Request processing time. The timing begins when the first byte is received from the client and stops when the last byte is sent to the client, i.e., the total time the whole process takes, where the client request reaches a CLB instance, the CLB instance forwards the request to an RS, the RS responds and sends data to the CLB instance, and finally the CLB instance forwards the data to the client.||double|
|upstream_response_time||The time that an entire backend request process takes. The timing begins when a CLB instance connects with an RS and stops when the RS receives the request and responds.||double|
|upstream_connect_time||The time it takes to establish a TCP connection with an RS. The timing begins when a CLB instance connects with an RS and stops when it sends the HTTP request.||double|
|upstream_header_time||The time it takes to receive an HTTP header from the RS. The timing begins when a CLB instance connects with an RS and stops when the HTTP response header is received from the RS.||double|
|tcpinfo_rtt||TCP connection RTT.||long|
|connection_requests||Number of requests on connection.||long|
|ssl_handshake_time||The time that an SSL handshake takes.||double|
|ssl_cipher||SSL cipher suite.||text|
|ssl_protocol||SSL protocol version.||text|
|vip_vpcid||VPC ID of a CLB VIP; the `vip_vpcid` of a public network CLB instance is `-1`.||long|