tencent cloud

Note：

The feature of storing access logs in COS will stop accepting new enablement requests after 00:00:00, May 15, 2020 (00:00:00, April 26, 2020 for the Guangzhou region) and will be officially disused after 00:00:00, June 30, 2020. Please use the upgraded feature of storing access logs in CLS.

CLB supports configuring layer-7 (HTTP/HTTPS) access logs that can help you better understand client requests, troubleshoot issues, and analyze access data. Currently, access logs can be stored in COS for download and analysis, and supported regions include Guangzhou, Shanghai, Beijing, Hong Kong (China), Shanghai Finance, and Shanghai Finance.

Access logs of CLB are mainly used to quickly locate and troubleshoot issues. The access logging feature includes log reporting, storage, and search:

• Log reporting provides best-effort service, that is, it prioritizes service forwarding over log reporting.
• Log storage and search provide SLA based on the storage service currently in use.

Note：

• Currently, log aggregation granularity is 1 hour, and log data transfer may have a delay.
• Currently, CLB supports storing and downloading access logs of public network layer-7 (HTTP/HTTPS) CLB instances but not layer-4 (TCP/UDP) or private network layer-7 CLB instances.
• The log service for CLB is free of charge. A free COS storage capacity of 50 GB is provided for individual users as specified in Free Tier. If you have a high number of logs, please clean them up in a timely manner.
• In the regions that support storing access logs in COS, if the access logging feature is not enabled, Tencent Cloud will retain the logs for three days by default; otherwise, the retention period will be subject to the COS configuration. Access log cannot be configured in other regions.

Enabling Access Log Storage in COS

1. Log in to the CLB Console.
2. On the "CLB Instance" list page, click the ID of the CLB instance to be configured to enter the "Basic Information" page.
3. In the "Access Log" module, edit "Store Logs in COS".
4. Enable access logging in the pop-up window and select a destination COS bucket. If you have not created any COS bucket yet, you can create a bucket and select it for log storage.
   
5. Click Submit and a folder named lb-id will be automatically created in the bucket for request logs.
6. Then, click the bucket address to enter the log download page.

Disabling Access Log Storage in COS

1. Log in to the CLB Console.
2. On the "CLB Instance" list page, click the ID of the CLB instance to be configured to enter the "Basic Information" page.
3. In the "Access Log" module, edit "Store Logs in COS".
4. In the pop-up box, disable access log and click Submit.
   The configuration result is as follows. Log storage in COS cannot be enabled again after it is disabled.

Log Format and Variable Description

Log format

[$stgw_request_id] [$time_local] [$protocol_type] [$server_addr:$server_port] [$server_name] [$remote_addr:$remote_port] [$status]  [$upstream_status] [$proxy_host] [$request] [$request_length] [$bytes_sent] [$http_host] [$http_user_agent] [$http_referer]
[$request_time] [$upstream_response_time] [$upstream_connect_time] [$upstream_header_time] [$tcpinfo_rtt] [$connection] [$connection_requests] [$ssl_handshake_time] [$ssl_cipher] [$ssl_protocol] [$ssl_session_reused]

Log variable description