After real-time log delivery is enabled, real-time logs are collected. The following table describes the fields in real-time log entries of different types.

Note
  • The following table describes the fields in real-time logs. To reduce costs, we recommend that you select log fields that you want to deliver based on your business requirements.
  • If real-time logs that you collect are of the same type, all log delivery tasksshare a set of fields. Field edits made for a task take effect globally. For example, the domain field is selected by default for user access logs. If a user removes the domain field for a task, the field will be immediately removed from other delivery tasks of access logs.

Fields in an access log

After access log delivery is enabled, access logs are collected. The following table describes the fields in access log entries.

Field Description Log Service indexed Used for built-in visualized analysis
unixtime The timestamp of the request. Yes Yes
domain The domain name to which the request was sent. Yes Yes
method The request method. Yes Yes
scheme The protocol over which the request was sent. Yes No
uri The resource that was requested. Yes Yes
uri_param The request parameters. Yes No
client_ip The real IP address of the client that sent the request, which can be a public IP address or a private IP address. Yes Yes
proxy_ip The IP address of the proxy. Yes No
remote_ip The public IP address of the client that connected to the DCDN node. Yes No
remote_port The port to which a DCDN node sends requests over the Internet. Yes No
refer_protocol The protocol in the HTTP Referer. Yes No
refer_domain The domain name in the HTTP Referer. Yes Yes
refer_uri The URI in the HTTP Referer. Yes No
refer_param The parameters in the HTTP Referer header. Yes No
request_size The size of a request that includes the request body and the request header. Yes No
request_time The response time. Unit: milliseconds. Yes Yes
response_size The size of a response. Unit: bytes. Yes No
return_code The HTTP status code that was returned. Yes Yes
sent_http_content_range The value of the Range header in the response, which is configured on the origin server. Example: bytes=0-99/200. Yes No
server_addr The IP address of the DCDN node that responded to the request. Yes No
server_port The port on the DCDN node that responded to a request. Yes No
body_bytes_sent The size of the request body. Unit: bytes. Yes No
content_type The type of the requested resource. Yes No
hit_info

The cache hit result. The cache hit results of requests for live streaming resources or dynamic content are not included. Valid values:

  • HIT: indicates a cache hit.
  • MISS: indicates a cache miss.
Yes Yes
http_range The value of the Range header in the request. Example: bytes=0-100. Yes No
user_agent The information about the proxy of the client. Yes Yes
user_info The information about the user. Yes No
uuid The ID of the request. Yes No
via_info The HTTP Via header. Yes No
xforwordfor The value of the X-Forwarded-For header in the request. Yes No

Fields in a back-to-origin routing log

After back-to-origin routing log delivery is enabled, back-to-origin routing logs are collected. The following table describes the fields in back-to-origin routing log entries.

Field Description Log Service indexed Used for built-in visualized analysis
clientip The IP address of the edge node. Yes No
connect_time The connection time with the origin server. Yes No
content_range The value of the Content-Range field in the response header. Yes No
httpCode The response status code. Yes Yes
http_range The Range request header. Yes No
method The protocol for back-to-origin routing. Valid values:
  • 0: HTTP
  • 1 :HTTPS
Yes Yes
origin_ip The origin IP address. Yes No
real_domain The domain name requested by the user. Yes Yes
real_host The origin host. Yes No
request_body_size The size of the request body if the origin response to the POST request is not 200. Unit: bytes. Yes No
request_size The size of the request. Unit: bytes. Yes No
ssl_session_reused Whether the SSL handshake session is reused. Valid values:
  • 0: not reused
  • 1: reused
Yes No
unixtime The timestamp of the request. Yes No
url The URL of the request. Yes Yes
user_agent The information about the proxy of the client. Yes No
user_info The information about the user. Yes No
uuid The ID of the request. Yes No
req_time The response time. Unit: milliseconds. Yes Yes
origin_addr The IP address or domain name of the origin server. Yes Yes