You can receive logs from your CDN resources. Contact us via chat or email to email@example.com to enable the option (it is a paid feature). Once the feature is enabled you will be able to set it up in the Control Panel.
We use two protocols to deliver logs: S3 and FTP.
You should set up a storage on your side to start receiving the logs.
If you want to receive logs to your Amazon storage specify AWS Access Key ID, AWS Secret Access Key and Region (optional).
If you choose Other, fill in Hostname, Access Key ID and Secret Access Key. If you use Yandex.Cloud or our S3 storage, fill in Bucket hostname.
Specify Hostname, Login, Password and Prepend folder (optional).
A port number can be added to your Hostname if needed: <hostname>:<port>.
Both delivery methods allow you to put logs either in one bucket or into different buckets in your storage.
"$remote_addr" "-" "$remote_user" "[$time_local]" "$request" "$status"
"$body_bytes_sent" "$http_referer" "$http_user_agent" "$bytes_sent"
"$sent_http_content_size" "$scheme" "$host" "$request_time"
"$upstream_response_time" "$request_length" "$http_range" "[$responding_node]"
"$upstream_cache_status" "$upstream_response_length" "$upstream_addr"
"$gcdn_api_client_id" "$gcdn_api_resource_id" "$uid_got" "$uid_set"
"$geoip_city_country_code" "$geoip_city" "$shield_type" "$server_addr"
"$upstream_status" "-" "$upstream_connect_time" "$upstream_header_time"
"0.0.0.0" "-" "-" "[26/Apr/2019:09:47:40 +0000]" "GET /ContentCommon/images/image.png HTTP/1.1" "200" "1514283" "https://example.com/videos/10" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.116 YaBrowser/22.214.171.1249 Safari/537.36" "1514848" "-" "http" "origin.cdn.com" "1.500" "0.445" "157" "-" "[kal]" "MISS" "10485760" "0.0.0.0:80" "2510" "7399" "-" "-" "KZ" "-" "shield_no" "0.0.0.0" "206" "-" "0.000" "0.200" "0.0.0.0"
|Field||Example log value||
IP address of the client
User name supplied with the Basic authentication
Local time in the Common Log Format
GET /ContentCommon/images/image.png HTTP/1.1
|HTTP request type, requested path to a file, HTTP version|
|Number of bytes sent to a client, disregarding the response header|
Referrer: specify the URL of the user
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.116 YaBrowser/126.96.36.1999 Safari/537.36
|User Agent which a user applied to request content|
|Number of bytes sent to a client|
Value of the HTTP Content-Size header
Request's protocol (HTTP ot HTTPS)
CDN-resource's Hostname received from a request
Request processing time counted in seconds with a milliseconds resolution; time elapsed from the first bytes sent by the client till the log record, made after a client sent last bytes
Time spent on receiving the response from the upstream server; time counted in seconds with millisecond resolution. Time of several responses is shown in commas and colon
Request length (including request line, header and request body)
File fragment value received by Range request
The name of the responded CDN-node
CDN cache status of a requested file:
HIT – file's given from the cache
STALE – file outdated as the origin server didn't respond or responded incorrectly due to cache's being updated
UPDATING - file outdated as it's being updated after the earlier request was sent
REVALIDATED – the proxy_cache_revalidate directive was enabled and NGINX verified that the currently cached content is still valid
EXPIRED - cache lifetime ended, but the file is relevant to the origin's file. A request is sent to the origin server for the recache
MISS – file isn't given from the cache, it's proxied from the origin server
Length of the response obtained from the origin server; stored in bytes. Lengths of several responses are separated by commas and colons
IP address and port of the prigin server
Your ID in our system
Your CDN-resource ID in our system
Cookie name and received user ID
Cookie name and provided user ID
User’s country code
User’s city code
Specifies if a shield is enabled or not
shield_old - enabled
shield_no - disabled
IP address of anycast zone or edge-server
Origin server's response code
Time spent to access the origin server; time counted in seconds with millisecond resolution.
Time spent to receive a header from the origin server; time counted in seconds with millisecond resolution.
IP address of an edge-server that received the first client request if the Cache Sharding feature is enabled.