Send Classic Load Balancer (CLB) Layer-7 access logs to Log Service for querying, analysis, and alerting.
Prerequisites
-
A CLB instance is created. Create an instance.
-
A Layer-7 listener (HTTP or HTTPS) is configured on the CLB instance. Add an HTTP listener or Add an HTTPS listener.
-
A Log Service project and Logstore are created in the same region as the CLB instance. Create a project and a Logstore.
Procedure
RAM users require specific permissions to enable access logging. RAM user authorization.
-
Log on to the Server Load Balancer console.
-
In the top navigation bar, select a region.
-
In the left-side navigation pane, choose .
-
Follow the on-screen instructions to authorize CLB to assume the AliyunLogArchiveRole role for Log Service access.
An Alibaba Cloud account must complete this one-time authorization.
WarningDo not revoke the authorization or delete the AliyunLogArchiveRole role. Otherwise, access logs cannot be sent to Log Service.
-
On the Access Log (Layer-7) tab, find the target instance and click Settings in the Actions column.
-
In the Configure Logging panel, select an available project and Logstore, and then click OK.
Log Service automatically creates an index for the Logstore. Any existing index is overwritten.
Related operations
|
Actions |
Description |
|
Query access logs |
On the Access Log (Layer-7) tab, find the target instance and click View Logs in the Actions column. Query access logs. |
|
Disable access logging |
On the Access Log (Layer-7) tab, find the target instance and click Delete in the Actions column. Disable access logging. Important
Disabling access logging does not delete the project or existing logs. To avoid unexpected charges, delete the project in the Log Service console. Manage projects. |
Next steps
After access logging is enabled, you can query, analyze, download, ship, and transform logs, and configure alerts in the Log Service console. Common operations on logs of Alibaba Cloud services.