How to Log AWS CloudFront Access Request Data

How to Log AWS CloudFront Access Request Data

AWS CloudFront is a content distribution service offered by AWS to speed up the distribution of static content, such as media files, html, js, css, etc. CloudFront provides the log file option to log the end user access request data, its status and other relevant information. The log file will be stored in the S3 bucket. The log file can be in the same bucket as the distribution origin or it can also be in a separate bucket. The user can configure the same bucket for multiple distributions. The user can specify the prefix to the log file to distinguish the distribution details. The CloudFront stores the data to the log file periodically. Each log record will have the user access details, such as the date, time, the edge location information which served the content, the bytes from the server to the client, the client IP, the protocol (HTTP/s), the query string, and more.

The user account where the CloudFront distribution is located should have full access to the S3 bucket. If the bucket belongs to some other AWS account, provide the access rights.

The present guide demonstrates how to enable logging for the CloudFront download or the streaming distribution.

1. Create a new S3 bucket to store the log files.

2. Go to the AWS CloudFront Console and click on [i] to go to the configured properties of the existing distribution.

3. If the user has selected the download distribution in step#2, then the General tab will display the information about the log details. Note that logging has not been currently configured for this distribution. Click on the ‘Edit’ button.

4. In the Edit section, select the Logging “On” option. Specify the S3 bucket name as the public DNS. The bucket name DNS will be: <bucketname> If the user wants to segregate the logs of this distribution, specify the prefix. The cookie logging allows CloudFront to log information of the cookies in the access logs.

5. The distribution will be deployed again when the user saves the changes. The distribution status will be “In Progress” for some time. It will take about 10-15 minutes to deploy.

6. If the user has selected the streaming distribution in step#2, the streaming configuration will show the log configuration details, as given below. Edit the streaming properties.

7. Provide details, such as the bucket name, the log prefix, and the cookie, as explained in step#4.

8. When the user saves the distribution changes, the status will change to “In Progress” for some time. It will take about 10-15 minutes to deploy.

9. CloudFront will create folders inside the bucket as per the prefix specified. If the user has not specified the prefix, as explained in step #4, CloudFront will not create any folder. Thus, the log files will be stored in the bucket. Select any of the bucket folders.

10. The log files will be compressed in the “gz” format.

11. When the user opens any of the files inside zip, it will have the content, as shown below.

12. The above mentioned log file displays information, such as the request date, the request time, the edge location which served the content (Singapore – SIN3), and the bytes transferred between the server and the client. In addition, it also displays information, such as the client IP, the request method (Get / Post), the URL of the request, the status code, the browser, the cookie, and the edge location result.

Keywords: Amazon Web Services, AWS, Amazon AWS Console, AWS S3, Amazon CloudFront, AWS CloudFront, CloudFront, AWS EC2, AWS S3, Amazon S3, Download Distribution, AWS ELB, AWS IAM, CDN, Content Distribution Network

You must be to post a comment.

* As a bonus, you'll receive our weekly newsletter!

Hitchhiker's Guide to The Cloud

Newvem's eBook for Cloud Operations