When your domain fails to be accelerated or is under attack, you can analyze logs to troubleshoot issues. You can view operation logs for all domains under the current account and download them to your local computer. This topic describes the log format and how to use and query logs.

Background information

How to use logs:
  • The latency to ingest log data to the console is four hours. You can query the generated log files of the last four hours in the Logs module.
  • Log files are generated once every hour. The number of log files generated for each hour is based on the amount of log data generated during that hour.
  • A log file is named in the format of AcceleratedDomain_Year_Month_Date_StartTime_EndTime. Example: www.test.com_2019_12_02_010000_020000.gz
Log format
  • Sample log entry
    [9/Jun/2019:01:58:09 +0800] - 1542 "-" "GET http://www.aliyun.com/index.html" 200 191 2830 MISS "Mozilla/5.0 (compatible; AhrefsBot/5.0; +http://ahrefs.com/robot/)" "text/html"
  • Log field description
    Field Description
    [9/Jun/2019:01:58:09 +0800] The time when the log entry was generated. The IP address of the client that initiated the request.
    N/A The proxy IP address.
    1542 The response time, in milliseconds.
    "-" The referer header in the request.
    GET The HTTP method.
    http://www.aliyun.com/index.html The URL that was requested.
    200 The HTTP status code that was returned.
    191 The request size, in bytes.
    2830 The response size, in bytes.
    MISS The cache hit status.
    Mozilla/5.0 (compatible; AhrefsBot/5.0; +http://ahrefs.com/robot/) The User-Agent header in the request.
    text/html The type of the file that was requested.


  1. Log on to the Dynamic Route for CDN console.
  2. In the left-side navigation pane, choose Logs.
  3. On the Logs page, select a domain, select a date, and then click Search.
  4. Find the target log file, and click Download in the Actions column.