Skip to main content

AWS Elastic Load Balancing Logs

Log Type: AWS Elastic Load Balancing

Template Description: Parsing the common fields in your AWS Elastic Load Balancing log.

Sample Log:

2017-08-10T18:25:56 stag-www-lb 137.190.87.41:52888 10.168.203.134:23667 0.000803 0.048702 0.002085 200 200 2836 1169667 "POST https://dinihou.bounceme.net:443/api...7F6F78E33C7C00 HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/537.13+ (KHTML, like Gecko) Version/5.1.7 Safari/534.57.2" DHE-RSA-DES-CBC3-SHA SSLv3.0

Parsing Rule:

parse "* * *:* *:* * * * * * * * \"* *://*:*/* HTTP" as datetime, ELB_Server, clientIP, port, backend, backend_port, requestProc, ba_Response, cli_Response, ELB_StatusCode, be_StatusCode, rcvd, send, method, protocol, domain, server_port, path

Resulting Fields:

FieldDescriptionExample
datetimeTimestamp when the load balancer received the request from the client.2017-08-10T18:25:56
ELB_ServerName of the load balancer.stag-www-lb
clientIPThe client IP address. 137.190.87.41
portThe client port number.52888
backendIP address of the registered instance that processed this request.10.168.203.134
backend_portPort number of the registered instance that processed this request.23667
requestProc[HTTP listener] The total time elapsed, in seconds, from the time the load balancer received the request until the time it sent it to a registered instance.
[TCP listener] The total time elapsed, in seconds, from the time the load balancer accepted a TCP/SSL connection from a client to the time the load balancer sends the first byte of data to a registered instance.
0.000803
ba_Response[HTTP listener] The total time elapsed, in seconds, from the time the load balancer sent the request to a registered instance until the instance started to send the response headers.
[TCP listener] The total time elapsed, in seconds, for the load balancer to successfully establish a connection to a registered instance.
0.048702
cli_Response[HTTP listener] The total time elapsed (in seconds) from the time the load balancer received the response header from the registered instance until it started to send the response to the client. This includes both the queuing time at the load balancer and the connection acquisition time from the load balancer to the back end.
[TCP listener] The total time elapsed, in seconds, from the time the load balancer received the first byte from the registered instance until it started to send the response to the client.
0.002085
ELB_StatusCodeThe status code of the response from the load balancer.200
be_StatusCodeThe status code of the response from the registered instance.200
rcvdThe size of the request, in bytes, received from the client.2836
sendThe size of the response, in bytes, sent to the client.1169667
methodHTTP request method.POST
protocolThe request protocol from the client.https
domainThe request domain from the client.dinihou.bounceme.net
server_portThe request server port from the client .443
pathThe path requested from the client.api/v1/search/jobs/597F6F78E33C7C00
Status
Legal
Privacy Statement
Terms of Use

Copyright © 2024 by Sumo Logic, Inc.