CLB supports configuring layer-7 (HTTP/HTTPS) access logs that can help you better understand client requests, troubleshoot issues, and analyze user behaviors. Currently, access logs can be stored in CLS, reported at a minute granularity, and searched online by multiple rules.

Access logs of CLB are mainly used to quickly locate and troubleshoot issues. The access logging feature includes log reporting, storage, and search:

• Log reporting provides best-effort service, that is, it prioritizes service forwarding over log reporting.
• Log storage and search provide SLA based on the storage service currently in use.

Note：

• Currently, access logs can be stored in CLS only for layer-7 protocols (HTTP/HTTPS) but not layer-4 protocols (TCP/UDP/TCP SSL).

• Storing CLB access logs in CLS is now free of charge. You only need to pay for the CLS service.
• Currently, access logs can be stored in CLS in the Guangzhou, Shanghai, Nanjing, Beijing, Chongqing, Chengdu, Hong Kong (China), Singapore, Mumbai, Silicon Valley, Toronto, and Frankfurt regions through the console or APIs.

Enabling Access Log Storage in CLS

1. Log in to the CLB Console.
2. Click the ID of the CLB instance to be configured to enter the "Basic Information" page.
3. In the "Log Access" module, edit "Cloud Log Service".
   
4. In the pop-up box, enable access logging and select the destination logset and log topic for access log storage. If you haven't created a logset or log topic yet, please create relevant resources and then select them as the storage location.
   
5. Click Submit and access logs will be collected into the corresponding topic.
6. Then, click the logset or log topic to redirect to the log search page in CLS.
7. (Optional) If you want to disable access logging, you can edit "Cloud Log Service" again to disable it and submit in the pop-up window.

Searching for Access Log

Step 1. Configure log topic indexes

Note：

The log topics must be configured with indexes; otherwise, no logs can be searched for.

The recommended indexes are as follows:

The steps are as follows:

1. Log in to the CLS Console.
2. On the left sidebar, click Logset to enter the "Logset Management" page.
3. Click a logset ID to enter the logset details page.
4. On the logset details page, click a log topic ID to enter the log topic details page.
   
5. On the log topic details page, select the Index Configuration tab. You can select some variables from the log variables and configure the index fields as needed. For more information on how to configure, please see Enabling Index.
   
6. The result of index configuration is as shown below:
   

Step 2. Search for access logs

1. Log in to the CLS Console.
2. On the left sidebar, click Search and Analysis to enter the "Search Analysis" page.
3. On the "Search Analysis" page, select a logset, log topic, and time range, and click Search Analysis to search for the access logs reported by CLB to CLS. For more information on the search syntax, please see Syntax and Rules.
   

Log Format and Variable Description

Log format

[$stgw_request_id] [$time_local] [$protocol_type] [$server_addr:$server_port] [$server_name] [$remote_addr:$remote_port] [$status] [$upstream_addr] [$upstream_status] [$proxy_host] [$request] [$request_length] [$bytes_sent] [$http_host] [$http_user_agent] [$http_referer] [$request_time] [$upstream_response_time] [$upstream_connect_time] [$upstream_header_time] [$tcpinfo_rtt] [$connection] [$connection_requests] [$ssl_handshake_time] [$ssl_cipher] [$ssl_protocol] [$vip_vpcid]

Field type

Currently, CLS supports the following three field types:

Log variable description