Global Accelerator (GA) allows you to store access logs in Logstores of Log Service. You can use access logs to analyze user behaviors and troubleshoot based on the computing capabilities provided by Log Service.
The access log feature can deliver access logs to Log Service in the region where an endpoint group is deployed. This feature is used to collect access logs of endpoints whose backend server type is Alibaba Cloud public IP address, Elastic Compute Service (ECS) instance, and Layer 4 Classic Load Balancer (CLB) instance. If the backend server is a Layer 7 CLB instance, you can also use the CLB instance to directly collect access logs.
The access log contains all log entries that are generated when data is transferred from GA instances to endpoint groups. After you create access logs for GA, you can query the following information from Log Service: source IP addresses of clients, source ports of clients, destination IP addresses, and destination ports.
You do not need to pay additional fees when you enable the access log feature in the GA console. However, you are charged for using Log Service. For more information, see billing of Log Service.
The access log feature is supported only in regions where Log Service is supported. For more information, see Supported regions.
Create an access log
- Log on to the Global Accelerator console.
- On the Instances page, click the ID of the GA instance that you want to manage.
- On the instance details page, click the Access Log tab.
- On the Access Log tab, click Create Access Log. In the Storage Configuration dialog box, set the following parameters and click OK.
Parameter Description Select Source Listener ID/Name Select a listener. Endpoint Group ID/Name Select a destination endpoint group. Storage Settings Region By default, the region where the endpoint group resides is selected. Project
A project in Log Service is used to isolate and manage resources.
You can select Select Project or Create Project.
A Logstore in Log Service is used to collect, store, and query logs.
You can select Select Logstore or Create Logstore.Note When you perform this operation, the system checks whether the service-linked role AliyunServiceRoleForGaFlowlog is created for the GA instance.
- If the service-linked role AliyunServiceRoleForGaFlowlog is not created, the system automatically creates the service-linked role and attaches the permission policy AliyunServiceRolePolicyForGaFlowlog to the service-linked role. This allows GA to access Log Service and deliver flow logs to Log Service.
- If the service-linked role AliyunServiceRoleForGaFlowlog is created, the system does not create it again.
For more information, see AliyunServiceRoleForGaFlowlog.
- On the Access Log tab, find the access log and click View Log in the Actions column to go to the Log Service console. After Log Service collects access logs, you can query, analyze, download, deliver, and process logs. In addition, you can create alerts. For more information, see Common operations on logs of Alibaba Cloud services.
The information that you can query from Log Service includes the following fields:
|accelerator_region||The accelerated region.|
|client_ip||The source IP address of the client.|
|client_port||The source port of the client.|
|egress_bytes||The returned traffic during the time period when logs are collected.|
|endpoint_group_id||The ID of the endpoint group.|
|endpoint_group_region||The region where the endpoint group is deployed.|
|endpoint_ip||The IP address of the endpoint, which is the destination IP address.|
|endpoint_port||The port of the endpoint, which is the destination port.|
|ga_id||The ID of the GA instance.|
|http_host||The host header in the request packet.|
|http_referer||The HTTP referer header in the request packet.|
|ingress_bytes||The inbound traffic during the time period when logs are created.|
|listener_id||The ID of the listener.|
|protocol||The network transmission protocol of the listener.|
|request_method||The request method.|
|request_uri||The URI of the request packet that GA receives.|
|status||The status of the response packet that GA sends.|
|time||The time when the log is collected.|