This topic describes how to use the query and analysis feature of Log Service to analyze layer-7 access logs of Server Load Balancer (SLB) in real time.
Layer-7 access logs of SLB are collected. For more information, see Enable the access log management feature.
SLB is a basic component for most cloud services. In most cases, you need to continuously monitor, detect, diagnose, and configure alerts for SLB. Alibaba Cloud SLB distributes traffic to multiple ECS instances to improve the service capabilities of applications. You can use SLB to prevent single point of failures (SPOFs) and a large number of concurrent web access requests.
- Page Views (PVs): the total number of HTTP or HTTPS requests sent by the clients.
- Unique Visitors (UVs): the total number of unique requests. Requests initiated by unique visitors from the same client are counted only once.
- Request success rate: the percentage of the requests whose status code is 2XX to the total PVs.
- Request traffic: the total number of bytes of request messages that are sent by the clients.
- Response traffic: the total number of bytes of the HTTP message body that is sent to the clients.
- PV heat map: indicates the density of PVs in the regions where the IP addresses of the clients reside.
- Log on to the Log Service console.
- In the Projects section, click a project.
- In the left-side navigation pane, choose > icon next to it.. Find the destination Logstore and click the
- In the Visual Dashboards section, click the destination dashboard.The destination dashboard includes slb-user-log-slb_layer7_operation_center_en and slb-user-log-slb_layer7_access_center_en.
- Basic analysis
- View the regions from which the requests are sent in a specified period.
- Use the filter to specify an SLB instance and view the PV and UV trends of the SLB instance. For more information about how to use the filter, see Add a filter.
- Traffic and latency analysis
- View the trends of the request traffic and response traffic in a specified period.
- View the trends of the response time and upstream response time in a specified period.
- View the trend of high-latency requests in a specified period.
- User request analysis
- View the distributions of the request methods and request protocols in a specified period.
- View the PV trend of different request methods in a specified period.
- View the distribution of different status codes in a specified period.
If a large number of status codes 500 are generated, it indicates that internal errors have occurred on the ECS instance.
- View the PV trends of different status codes in a specified period.
- Request source analysis
- View the distribution of Internet service providers.
- View the geographic location such as country, province, and city by analyzing the IP addresses of the clients.
- View the information of a user agent.
The user agent (http_user_agent) can be used to identify who is visiting the website or service. For example, a search engine uses web crawlers to scan or download website resources. In most cases, web crawlers allow the search engine to update website content in a timely manner and facilitates website promotion and search engine optimization (SEO). If all of the high PV requests are sent from the web crawlers, the service performance may be affected and ECS instance resources may be wasted.
- Business analysis
You can use access logs to analyze service traffic and make business decisions.
- Analyze the PV heat map to optimize promotion plans.
- Analyze visitor behavior based on the host and URI information to optimize website content.
- Basic analysis
Request scheduling analysis
Client traffic is first processed by SLB and then distributed to an ECS instance for business logic processing. SLB can detect unhealthy ECS instances and distribute traffic to healthy ECS instances. After the unhealthy ECS instances recover, traffic is distributed to them.
* | select COALESCE(client_ip, vip_addr, upstream_addr) as source, COALESCE(upstream_addr, vip_addr, client_ip) as dest, sum(request_length) as inflow group by grouping sets( (client_ip, vip_addr), (vip_addr, upstream_addr))