The AWS Application Load Balancer functions at the application layer, receives requests, evaluates the listener rules in priority order to determine which rule to apply, and then selects a target from the target group. The Sumo Logic App for AWS Elastic Load Balancing ULM - Application is a unified logs and metrics (ULM) App that gives you visibility into the health of your Application Load Balancer and target groups. Use the preconfigured dashboards to understand the latency, request and host status, threat intel, and HTTP backend codes by availability zone and target group.
Metrics and Log Types
The App uses:
- The metrics included in the
AWS/ApplicationELBnamespace. For more details, see here.
- The Application Load Balancer Access Log introduces two new fields in addition to the fields contained in Classic ELB Access log:
- Type. This is the type of request or connection (HTTP, HTTPS, H2, ws, wss)
- Target_group_arn. This is the Amazon Resource Name (ARN) of the target group
The logs are stored in a .gzip format in the specified S3 bucket and contain these fields in this order:
timestamp, elb, client:port, target:port, request_processing_time, target_processing_time, response_processing_time, elb_status_code, target_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol, target_group_arn, trace_id
For more details on the ALB Access log, see the AWS documentation.