LogoLogo
  • Welcome
  • Landing in Transparent Edge
  • Sign up process
  • Getting Started
    • Basics concepts
      • Glosary
        • API
        • Brotli Compression
        • Cache-Control
        • Cache key
        • Caching
        • CNAME
        • Cloud Computing
        • Cloud Computing Architecture
        • Cloud Services
        • DASH
        • Data Center
        • Edge Server
        • ETag
        • GSLB
        • HLS (HTTP Live Streaming)
        • HTTP/2
        • Infrastructure as a Service (IaaS)
        • Internet Exchange Point
        • Last-Modified
        • Load Balancing
        • MultiCDN
        • NoSQL (not only SQL)
        • Origin
        • Origin Shield
        • OTT (Over The Top)
        • Platform as a Service (PaaS)
        • PoP (Point of Presence)
        • Private CDN
        • Private Cloud
        • Public Cloud
        • Purge
        • Query String
        • Reverse Proxy
        • RTT (Round-trip Time)
        • SaaS (Software as a Service)
        • SDS (Software Defined Storage)
        • Smooth Streaming
        • Status Code
        • TCP (Transmission Control Protocol)
        • TLS Acceleration
        • TLS (Transport Layer Security)
        • TTFB (Time-to-first-byte)
        • TTL (Time-to-live)
        • Virtual Machine
        • VPS (Virtual Private Server)
        • Web Services
      • Let's start at the beginning
      • Things to consider
      • Houston, we have a problem
      • HTTP, How does it work?
      • Invalidating methods
      • DNS Pointing
      • Log formats
      • Predefined headers
      • Default headers
        • geo_country_code
        • X-Device
        • Vary
        • Cache headers
        • Age
        • TP-Cache
        • True-Client-IP and X-Forwarded-For
      • Forcing No-Cache
      • Architecture
        • Transparent Edge’s IP addresses
        • Locations and PoP
        • Cache layers
      • Cache effectiveness
      • SSL
      • HTTP 5xx Error Codes
      • Features
        • Protection against origin failures
        • Rate Limit
        • Geolocation and geoblocking
        • Prefechting
        • Refetching
        • Fast purging
        • HTTP Redirects
        • Caching static vs. dynamic objects
        • Rewriting of headers
        • Device detection
    • Dashboard
      • Historic
      • Analytics
      • Invalidating content
      • Content invalidation by tags
      • Prefetching Cache
      • Log shipping
      • Provisioning
        • Initial configuration
        • Backends
        • Sites
        • Configuration deployments
        • Network ACLs
        • TLS/SSL Certificates
      • User management
  • Configuration
    • VCL Reference
      • Default Functions
      • VCL Objects
      • Callable Functions
      • Security restrictions
      • Varnish book
    • Network Access Control List
      • Initial configuration
      • Auto generated lists
      • Manage lists via API
    • i3
      • Quality adjustment
      • Cache timing allocation for transformed images
      • Conversion to grayscale
      • Conversion to WebP
      • Blurring
      • Inclusion of graphics in the footer (strip)
      • Automatic resizing
      • Definition of the maximum size (content-length)
    • Transcoding
      • Relaunch or requeue jobs
      • Create a transcode job
      • Get job information
      • Dashboard usage
    • OpenAPI de TransparentCDN
  • Security
    • HTTPS
    • Blocking User-Agent
    • Blocking by IP Address
    • Blocking Requests Geographically
    • Avoiding Hotlinking
    • Bot Mitigation
    • WAF
      • Configuration
      • CAPTCHA
      • Content protected by token
      • Rate limit
    • Anomaly Detection
      • Detection Types
      • Automatic Reactions
      • Detection History
    • Under attack mode
    • Global Whitelists
  • Integrations
    • Wordpress plugin
    • Google Cloud Platform
    • Amazon Web Services
  • GUIDES AND TUTORIALS
    • How to do things
    • Edge Computing
      • ESI Tags
    • Acting on the Query String
    • Working with cookies
    • Making decisions based on HTTP headers
    • Web Application Gateway
    • Configure your servers to send cache headers
    • Caching a version per device
    • True-Client-IP in the origin
    • A/B Testing
    • Routing traffic to different backends
    • JSON Web Tokens
    • Debug codes
    • Streaming logs
    • API
      • Authentication
      • Invalidation
Powered by GitBook
On this page
  • Log format - Web Caching Service
  • Format of WAF logs

Was this helpful?

Export as PDF
  1. Getting Started
  2. Basics concepts

Log formats

PreviousDNS PointingNextPredefined headers

Last updated 8 months ago

Was this helpful?

Transparent Edge makes its website logs available to customers. This can work in two different ways:

1. (PULL): The customer can download the logs from an FTP set up for that purpose.

2. (PUSH): Transparent Edge can send the logs every hour to an FTP that the customer makes available to us for that purpose.

This service is not enabled by default. If you’d like to enable it, follow the instructions.

Log format - Web Caching Service

203.0.113.5 - - [10/Aug/2024:06:20:13 +0000] "GET http://www.transparentedge.eu/wp-content/plugins/ninja-forms/assets/fonts/fontawesome-webfont.woff2 HTTP/2.0" 200 66624 "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" hit "font/woff2" "L1" 1194 "82" "https://www.transparentedge.eu/wp-content/cache/wpo-minify/1724664512/assets/wpo-minify-footer-a97725b0.min.css" https ES "OK" "TCDN-OK:782763138" 1766

  • Field 1: Client IP.

  • Field 2: Remote logname. Always '-'.

  • Field 3: Username from auth basic.

  • Field 4: Date and time (UTC).

  • Field 5: HTTP Method.

  • Field 6: URL requested.

  • Field 7: Protocol.

  • Field 8: Status code.

  • Field 9: Size of the object.

  • Field 10: User-Agent.

  • Field 11: Result of the request (HIT/MISS).

  • Field 12: Content type.

  • Field 13: Cache layer that served the request (L1/L2).

  • Field 14: Response time of the request in microseconds.

  • Field 15: Client ID.

  • Field 16: Referer.

  • Field 17: Real protocol (because we undo the HTTPS in a layer prior to the cache layer, this field is necessary to identify if the original request was made via HTTP o HTTPS).

  • Field 18: Country code.

  • Field 19: Multi-purpose field. If is active and performs any action, it's shown here.

  • Field 20:

  • Field 21: Remaining TTL of the object.

Format of WAF logs

47.62.117.136 - - [25/May/2020:15:03:22 +0000] "GET http://www.example.com/elt/ HTTP/1.0" 200 12423 "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36" "text/html" "waf" 1 "179"

  • Field 1: Client IP.

  • Field 2: Remote logname. Always '-'.

  • Field 3: Username from auth basic.

  • Field 4: Date and time + time difference.

  • Field 5: Host header.

  • Field 6: Request URL.

  • Field 7: Protocol.

  • Field 8: Status code.

  • Field 9: Size of the object.

  • Field 10: User-Agent.

  • Field 11: Content type.

  • Field 12: Layer that served the request (in this case WAF).

  • Field 13: Response time of the request.

  • Field 14: Client ID.

here
BotM
Origin Error.