[Workshop Alert] Dynamic Scoring for WAF Actions and CloudFront Traffic - Save Your Seat Now!

A Complete Guide to Tracking CDN Logs

  • Lipsa Das
  • August 20, 2023
Share article
CDN tracking for logs

The Content Delivery Network (CDN) market is projected to grow from 17.70 billion USD to 81.86 billion USD by 2026, according to a recent study. As more businesses adopt CDNs for their content distribution, CDN log tracking is becoming essential to achieve full-stack observability

That being said, the widespread distribution of the CDN servers can also make it challenging when you want visibility into your visitors’ behavior, optimize performance, and identify distribution issues. Thankfully, CDN logging provides a solution to these issues. 

In this article, we’ll dive into what CDN logs are, how to track them and the kind of data you should be extracting from them.

Understanding CDN logs

CDNs speed up content delivery and improve user experience by caching assets like images and videos on edge servers distributed across the globe. And CDN logs curate data on all requests accessing your website or app through the CDN.

These include data like request URLs, response codes and time, client IP addresses, request times, caching information and the geolocation of requests. CDN log data can also help you determine who is accessing your app or website, where they are accessing it from and the type of data they access.

CDN logs typically follow a common log format, with some variation between providers. Here is a general outline of the information you’ll typically find in a CDN log:

  • Client IP address: The IP address of the user or device accessing your content through the CDN. 
  • Request time: The date and time the request was made, in UTC. 
  • Request URL: The full URL that was requested. 
  • Response code: The HTTP response code returned for the request, such as 200 (OK), 404 (Not Found), etc.
  • Cache status: Whether the requested resource was served from cache or fetched from the origin. 
  • Request method: The HTTP method used, typically GET but sometimes POST.
  • Server IP: The IP address of the specific CDN server or POP that served the request.
  • Object size: The size of the requested object, in bytes. 
  • Geolocation: The location of the requesting client, such as country and sometimes city or region. 

Most major CDN providers offer logging and analytics dashboards as part of their service, often for an additional fee. You can configure some CDNs to send their logs to a third-party analytics or logging system for further CDN log analysis.

What is CDN tracking exactly?

CDN tracking typically involves CDN monitoring tools and software that collect data on user interactions with CDN-delivered content. This data can include the user’s geographic location, device type, browser type, and the specific content items accessed. Analyzing this data helps you to identify patterns and trends in user behavior, and make informed decisions about how to optimize content delivery for different user segments.

CDN monitoring tools integrate with the CDN provider’s APIs to access real-time metrics and log data those APIs expose. They also allow you to analyze and report on that data within a central dashboard or interface.

CDN monitoring tools simplify the process of tracking your CDN logs by providing;

  • centralized monitoring of multiple CDNs in one place
  • standardized reporting and dashboards across CDNs and
  • advanced analytics capabilities not available in the CDN provider’s native tools

With the advanced tracking capabilities provided by CDN monitoring tools, you can extract all kinds of useful data from your CDN logs with ease. Let’s look at some data types you can extract from your CDN logs and how to use them.

What to extract from CDN logs?

Collecting CDN log data allows you to monitor the usage and performance of your CDN. By analyzing this data with a tool like Coralogix, you can identify performance bottlenecks, troubleshoot errors, and optimize CDN configurations to ensure fast and reliable content delivery.

CDN logs can be categorized based on the type of data they provide in 6 different types, as outlined below: 

1. Access logs

These logs provide information about every request made to the CDN, including the time of the request, the IP address of the requester, the HTTP status code, the requested URL, and the size of the response.

Use access logs to identify resources that are being accessed most frequently, which helps you with optimizing caching, CDN configurations, and resource allocation. Access logs also allow you to  identify and troubleshoot issues with specific URLs or origin servers. For example, if a particular URL is returning a 404 or 500 error code, access logs can be used to identify and investigate the root cause of the error.

2. Error logs 

Error logs only capture information about errors that occur while processing requests, such as 404 errors or 500 errors. They help you find and troubleshoot issues with specific requests, such as missing resources or incorrect server configurations.

Error logs can also be used to monitor and investigate errors in real-time, and take corrective actions to ensure uninterrupted service.

3. Performance logs

Performance logs contain real-time information about the performance of the CDN, including the response time, the number of requests served, and the number of requests that were cached.

They also let you optimize the CDN configuration by adjusting cache expiration times or configuring load balancing. Use performance logs to monitor and analyze the performance of the CDN infrastructure, and identify performance bottlenecks that could impact user experience.

4. Security logs

Security logs detail information about security-related events, such as failed login attempts or attacks on the CDN infrastructure. These logs can be used to monitor and detect suspicious activity, such as brute-force attacks or DDoS attacks.

You can also use security logs to identify and mitigate security threats, such as by blocking IP addresses or implementing rate limiting.

5. Analytics logs 

Analytics logs provide information about user behavior, such as the geographic location of users, the devices they are using, and the pages they are accessing. These types of logs help you understand user behavior and optimize the user experience, such as by optimizing page load times or improving content delivery.

They can be used to monitor and analyze user behavior, and identify patterns and trends that could impact the performance of the CDN infrastructure.

6. Real-time logs 

Real-time logs are generated in real-time and they provide information about the requests being processed by the CDN, enabling administrators to monitor and respond to issues as they occur.

These logs can be used to troubleshoot issues in real-time and ensure uninterrupted service. For instance, when you make changes to your CDN configuration, use real-time log analysis to validate the new settings are working as expected and alert you to any unintended consequences.

CDN log monitoring with Coralogix

Coralogix’s full-stack observability platform comes equipped with in-stream data analytics that allows you to collect and centralize CDN logs from various CDN services. Analyze these massive CDN logs in real-time without indexing using their Streama© streaming analytics engine.

The platform lets you set up real-time alerts on CDN logs to detect issues, outliers, and anomalies, while their in-stream alerting feature correlates events across log, metric, and trace data. CDN tracking with Coralogix is a seamless process. 

First, use Coralogix’s integrations with CDNs, such as Akamai or Amazon CloudFront, to collect and stream CDN logs directly to the dashboard. Once logs are collected, Coralogix’s search and filtering capabilities help you query and analyze the logs, create real-time alerts and dashboards to monitor CDN performance metrics and detect issues.Then, try integrating CDN log data with other contextual data, such as application logs, metrics, and traces, to gain a comprehensive view of issues impacting CDN performance.

Furthermore, with the help of CDN monitoring tools, gain valuable insights into how your CDN is performing and identify any issues affecting your content distribution. Investing in a robust CDN monitoring solution will improve the efficiency of your content delivery networks. CDN monitoring tools will work effectively to serve users the content they want, when and where they want it.

Observability and Security
that Scale with You.