Log formats

Transparent Edge makes its website logs available to customers. This can work in two different ways:

1. (PULL): The customer can download the logs from an FTP set up for that purpose.

2. (PUSH): Transparent Edge can send the logs every hour to an FTP that the customer makes available to us for that purpose.

This service is not enabled by default. If you’d like to enable it, follow the instructions here.

Log format - Web Caching Service

139.47.132.74 - - [25/May/2020:12:56:34 +0000] "GET http://www.example.com/css/i/blank.gif HTTP/1.1" 200 49 "Mozilla/5.0 (Web0S; Linux/SmartTV) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.34 Safari/537.36 HbbTV/1.4.1 (+DRM; LGE; 49UK6300PLB; WEBOS4.0 05.10.45; W4_LM18A; W4_LM18A;)" hit "image/gif" "L1" 169 "213" "http://www.example2.com/v2.3.1_1/index.html" http ES "OK" 285
  • Field 1: Client IP.

  • Field 2: Remote logname. Always '-'.

  • Field 3: Username from auth basic.

  • Field 4: Date and time (UTC).

  • Field 5: HTTP Method.

  • Field 6: URL requested.

  • Field 7: Protocol.

  • Field 8: Status code.

  • Field 9: Size of the object.

  • Field 10: User-Agent.

  • Field 11: Result of the request (HIT/MISS).

  • Field 12: Content type.

  • Field 13: Cache layer that served the request (L1/L2).

  • Field 14: Response time of the request, in seconds with microsecond precision (expressed directly in microseconds on the self-service platform).

  • Field 15: Client ID.

  • Field 16: Referer.

  • Field 17: Real protocol (because we undo the HTTPS in a layer prior to the cache layer, this field is necessary to identify whether the original request was made via HTTP or HTTPS).

  • Field 18: Country code.

  • Field 19: Multi-purpose field. If BotM is active and performs any action, it's shown here.

  • Field 20: Origin Error.

  • Field 21: Remaining TTL of the object.
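
A parser for the Web Caching Service line above, as an added example (not Transparent Edge's code). It names fields 1 to 18 by position and keeps whatever follows the country code as unnamed `trailing` tokens, because the sample line carries two tokens there while the list names three fields. The function name, the dictionary keys and the tokenisation of quoted values are assumptions made here; the page does not say how a quote inside a value is written.

```python
import re
from datetime import datetime

# Constructed from the page's sample line (User-Agent shortened).
SAMPLE = ('139.47.132.74 - - [25/May/2020:12:56:34 +0000] '
          '"GET http://www.example.com/css/i/blank.gif HTTP/1.1" 200 49 '
          '"Mozilla/5.0 (Web0S; Linux/SmartTV)" hit "image/gif" "L1" 169 "213" '
          '"http://www.example2.com/v2.3.1_1/index.html" http ES "OK" 285')

# One token is a [bracketed] run, a "quoted" run, or a run of non-blanks.
TOKEN = re.compile(r'\[([^\]]*)\]|"([^"]*)"|(\S+)')
HEAD = ("client_ip", "logname", "user", "time")               # fields 1-4
TAIL = ("status", "size", "user_agent", "cache_result",       # fields 8-18
        "content_type", "cache_layer", "response_time", "client_id",
        "referer", "real_protocol", "country")

def parse_cache_line(line):
    """Return a dict for one Web Caching Service line, or None if it does
    not fit the documented layout."""
    tokens = [next(g for g in m.groups() if g is not None)
              for m in TOKEN.finditer(line)]
    if len(tokens) < len(HEAD) + 1 + len(TAIL):
        return None
    rec = dict(zip(HEAD, tokens[:4]))
    # Fields 5-7 share one quoted token. The URL is client-supplied, so take
    # the method from the left and the protocol from the right.
    parts = tokens[4].split(" ")
    if len(parts) < 3:
        return None
    rec.update(method=parts[0], url=" ".join(parts[1:-1]), protocol=parts[-1])
    rec.update(zip(TAIL, tokens[5:16]))
    try:
        rec["time"] = datetime.strptime(rec["time"], "%d/%b/%Y:%H:%M:%S %z")
        # Status and size are assumed numeric, as in the sample line.
        rec["status"], rec["size"] = int(rec["status"]), int(rec["size"])
    except ValueError:
        return None
    # User-Agent and Referer are client-supplied too. A stray quote in one of
    # them shifts every later field, so check two fields whose values the
    # page enumerates before trusting the positions.
    if (rec["cache_layer"] not in ("L1", "L2")
            or rec["real_protocol"].lower() not in ("http", "https")):
        return None
    rec["trailing"] = tokens[16:]   # left unnamed, see the lead-in
    return rec

if __name__ == "__main__":
    print(parse_cache_line(SAMPLE))
```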

Log format - Media Service

37.132.249.54 - - [31/Jul/2017:18:07:20 +0200] vod.example.com "GET /resources/1497635691910.mp4 HTTP/1.1" 200 153784 "-" "stagefright/1.2 (Linux;Android 4.4.2)" "video/MP2T" "HIT" "L1" "36" 0.024 http ES
  • Field 1: Client IP.

  • Field 2: Remote logname. Always '-'.

  • Field 3: Username from auth basic.

  • Field 4: Date and time, followed by the time difference (UTC offset).

  • Field 5: Host header.

  • Field 6: Request URL.

  • Field 7: Protocol.

  • Field 8: Status code.

  • Field 9: Size of the object.

  • Field 10: Referer.

  • Field 11: User-Agent.

  • Field 12: Content type.

  • Field 13: Result of the request (HIT/MISS/expired).

  • Field 14: Cache layer that served the request.

  • Field 15: Client ID.

  • Field 16: Response time of the request.

  • Field 17: Real protocol (because we undo the HTTPS in a layer above the cache layer, this field is necessary to identify whether the original request was made via HTTP or HTTPS).

  • Field 18: Country code.

Format of WAF logs

47.62.117.136 - - [25/May/2020:15:03:22 +0000] "GET http://www.example.com/elt/ HTTP/1.0" 200 12423 "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36" "text/html" "waf" 1 "179"
  • Field 1: Client IP.

  • Field 2: Remote logname. Always '-'.

  • Field 3: Username from auth basic.

  • Field 4: Date and time, followed by the time difference (UTC offset).

  • Field 5: Host header.

  • Field 6: Request URL.

  • Field 7: Protocol.

  • Field 8: Status code.

  • Field 9: Size of the object.

  • Field 10: User-Agent.

  • Field 11: Content type.

  • Field 12: Layer that served the request (in this case WAF).

  • Field 13: Response time of the request.

  • Field 14: Client ID.
