Fluentd input plugin for AWS ELB Access Logs.
Ruby
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
gemfiles
lib
spec
.coveralls.yml
.gitignore
.rspec
.simplecov
.travis.yml
Appraisals
Gemfile
LICENSE.txt
README.md
Rakefile
fluent-plugin-elb-access-log.gemspec

README.md

fluent-plugin-elb-access-log

Fluentd input plugin for AWS ELB Access Logs.

Gem Version Build Status Coverage Status

Installation

Add this line to your application's Gemfile:

gem 'fluent-plugin-elb-access-log'

And then execute:

$ bundle

Or install it yourself as:

$ gem install fluent-plugin-elb-access-log

Configuration

<source>
  @type elb_access_log
  #aws_key_id YOUR_ACCESS_KEY_ID
  #aws_sec_key YOUR_SECRET_ACCESS_KEY
  #profile PROFILE_NAME
  #credentials_path path/to/credentials_file
  #http_proxy http://...

  account_id 123456789012 # required
  region us-west-1 # required
  s3_bucket BUCKET_NAME # required
  #s3_prefix PREFIX

  #tag elb.access_log
  #tsfile_path /var/tmp/fluent-plugin-elb-access-log.ts
  #histfile_path /var/tmp/fluent-plugin-elb-access-log.history
  #interval 300
  #start_datetime 2015/05/24 17:00
  #buffer_sec 600
  #history_length 100
  #sampling_interval 1
  #debug false
  #elb_type clb # or alb
  #filter elb_status_code:^2,timestamp:^2018
  #filter_operator and # or "or"
  #type_cast true
  #parse_request true
  #split_addr_port true
  #file_filter REGEXP
  #request_separator .
</source>

Outout

CLB

see http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/access-log-collection.html

{
  "timestamp":"2015-05-24T08:25:36.229576Z",
  "elb":"hoge",
  "client":"14.14.124.20",
  "client_port":52232,
  "backend":"10.0.199.184",
  "backend_port":80,
  "request_processing_time":5.5e-05,
  "backend_processing_time":0.000893,
  "response_processing_time":5.7e-05,
  "elb_status_code":200,
  "backend_status_code":200,
  "received_bytes":0,
  "sent_bytes":3,
  "request":"GET http://hoge-1876938939.ap-northeast-1.elb.amazonaws.com:80/ HTTP/1.1",
  "user_agent":"curl/7.30.0",
  "ssl_cipher":"-",
  "ssl_protocol":"-",
  "request.method":"GET",
  "request.uri":"http://hoge-1876938939.ap-northeast-1.elb.amazonaws.com:80/",
  "request.http_version":"HTTP/1.1",
  "request.uri.scheme":"http",
  "request.uri.user":null,
  "request.uri.host":"hoge-1876938939.ap-northeast-1.elb.amazonaws.com",
  "request.uri.port":80,
  "request.uri.path":"/",
  "request.uri.query":null,
  "request.uri.fragment":null
}

ALB

see http://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-access-logs.html

{
  "type": "https",
  "timestamp": "2015-05-24T19:55:36.000000Z",
  "elb": "hoge",
  "client_port": 57673,
  "target_port": 80,
  "request_processing_time": 5.3e-05,
  "target_processing_time": 0.000913,
  "response_processing_time": 3.6e-05,
  "elb_status_code": 200,
  "target_status_code": 200,
  "received_bytes": 0,
  "sent_bytes": 3,
  "request": "GET http://hoge-1876938939.ap-northeast-1.elb.amazonaws.com:80/ HTTP/1.1",
  "user_agent": "curl/7.30.0",
  "ssl_cipher": "ssl_cipher",
  "ssl_protocol": "ssl_protocol",
  "target_group_arn": "arn:aws:elasticloadbalancing:ap-northeast-1:123456789012:targetgroup/app/xxx",
  "trace_id": "Root=xxx",
  "domain_name": "-",
  "chosen_cert_arn": "arn:aws:acm:ap-northeast-1:123456789012:certificate/xxx",
  "client": "14.14.124.20",
  "target": "10.0.199.184",
  "request.method": "GET",
  "request.uri": "http://hoge-1876938939.ap-northeast-1.elb.amazonaws.com:80/",
  "request.http_version": "HTTP/1.1",
  "request.uri.scheme": "http",
  "request.uri.user": null,
  "request.uri.host": "hoge-1876938939.ap-northeast-1.elb.amazonaws.com",
  "request.uri.port": 80,
  "request.uri.path": "/",
  "request.uri.query": null,
  "request.uri.fragment": null
}