tencent cloud

CLB supports configuring layer-7 (HTTP/HTTPS) access logs that can help you better understand client requests, troubleshoot issues, and analyze user behaviors. Currently, access logs can be stored in CLS, reported at a minute granularity, and searched online by multiple rules.

Access logs of CLB are mainly used to quickly locate and troubleshoot issues. The access logging feature includes log reporting, storage, and search:

• Log reporting provides best-effort service, that is, it prioritizes service forwarding over log reporting.
• Log storage and search provide SLA based on the storage service currently in use.

Note：

• Currently, access logs can be stored in CLS only for layer-7 protocols (HTTP/HTTPS) but not layer-4 protocols (TCP/UDP/TCP SSL).

• Storing CLB access logs to CLS is now free of charge. You only need to pay for the CLS service.
• This feature is only supported in CLS available regions. See Available Regions.

Method 1: Single-Instance Access Logging

Step 1. Enable access log storage in CLS

1. Log in to the CLB console, and click Instance Management on the left sidebar.
2. Click the CLB instance ID to open the Instance Management page.
3. Click the pencil icon in the Access Log (Layer-7) module on the Basic Information page.
   
4. In the pop-up Modify CLS Log Storage Location window, enable logging and select the destination logset and log topic for access log storage, and then click Submit. If you haven't created a logset or log topic yet, please create relevant resources and then select them as the storage location.
   

   Note：

   You are recommended to use a log topic marked with "CLB" in the clb_logset logset. The differences between a log topic marked with "CLB" and a common one are:

   • CLB log topics can automatically create an index, while a common log topic requires manual index creation.
   • A dashboard is provided for CLB log topics by default, but needs to be manually configured for a common log topic.

5. Click the logset or log topic to redirect to the log search page in CLS.
6. (Optional) To disable logging, click the pencil icon to open Modify CLS Log Storage Location window, and disable it.

Step 2. Configure log topic indexes

Note：

If the access log is configured for a single instance, you must configure the index for the log topic; otherwise, no logs can be found.

The recommended indexes are as follows:

The steps are as follows:

1. Log in to the CLS Console, and click Log Topic on the left sidebar.
2. Click the target log topic ID on the "Log Topic" page.
3. On the log topic details page, select the Index Configuration tab, and click Edit to add indexes. See Configuring Index for more information on index configuration.
   
4. The result of index configuration is as shown below:
   

Step 3. View access logs

1. Log in to the CLS Console and click Search and Analysis on the left sidebar.
2. On the Search Analysis page, select a logset, log topic, and time range, and click Search Analysis to search for the access logs reported by CLB to CLS. See Legacy CLS Search Syntax for more information on search syntax.
   

Method 2: Batch configure access logging

Step 1. Create logsets and log topics

To configure access logs in CLS, you need to first creat a logset and log topic.
You can directly jump to Step 2 if you have created a logset and log topic.

1. Log in to the CLB Console and select Access Logs on the left sidebar.
2. On the Access Logs page, select a region for the logset, and then click Create Logset in the "Logset Information" section.
3. In the pop-up Create Logse" dialog box, set the retention period and click Save.

   Note：

   You can only create a single logset named "clb_logset" in each region.

4. Click Create Log Topic in the Log Topic section of the "Access Logs" page.
5. In the pop-up window, select a CLB instance to add to the list on the right, and then click Save.

   Note：

   • When creating a log topic, you can add a CLB instance as needed. To add one, select a log topic in the list and click Manage in the operation column. Each CLB instance can only be added to one log topic.
   • A logset can contain multiple log topics. You can categorize CLB logs into various log topics which will be marked with "CLB".

6. (Optional) To disable logging, just click Disable.

Step2. View access logs

Without any manual configurations, CLB has been automatically configured with index search by access log valuable. You can directly query access logs through search and analysis.

1. Log in to the CLB Console and select Access Logs on the left sidebar.
2. Select a log topic, and click Search in the operation column to redirect to the Search Analysis page in the CLS Console.
3. On the Search Analysis page, enter the search syntax in the input box, select a time range, and then click Search Analysis to search for access logs reported by CLB to CLS.

   Note：

   See Syntax and Rules for more information on search syntax.

Log Format and Variable Description

Log format

[$stgw_request_id] [$time_local] [$protocol_type] [$server_addr:$server_port]  [$server_name] [$remote_addr:$remote_port] [$status] [$upstream_addr] [$upstream_status] [$proxy_host] [$request] [$request_length] [$bytes_sent] [$http_host] [$http_user_agent] [$http_referer] [$request_time] [$upstream_response_time] [$upstream_connect_time] [$upstream_header_time] [$tcpinfo_rtt] [$connection] [$connection_requests] [$ssl_handshake_time] [$ssl_cipher] [$ssl_protocol] [$vip_vpcid] [$uri] [$server_protocol]

Field type

Currently, CLS supports the following three field types:

Log variable description

Field Typetext

Default search log valuable

The following fields can be found in logsets with "CLB" by default:
Field Type