Reputation: 5
AWS load balancer log analyzer
I'm new to AWS wolrd. My purpose is to find as soon as possible in case of problems using Elastic Load Balancer logs top ips from requests, if possible who they are or some inspection on it. I only found paid services. Does anyone know a free application or maybe a website that analyzes AWS ELB logs?
Upvotes: 0
Views: 2845
Answers (2)
Reputation: 107
Completely free solution isn't available as I know. Btw, there are cheap solutions.
You can monitor your load balancer by "Access logs", "CloudWatch metrics", "Request tracing" and "CloudTrail logs".
I don't understand exactly what you want, but there are some possible solutions.
- If you're afraid of being attacked and you need immediate protection (against security scans, DDoS etc), you can use AWS's own services. "AWS Shield Standard" is automatically included at no extra cost. Btw, "For added protection against DDoS attacks, AWS offers AWS Shield Advanced". https://docs.aws.amazon.com/shield/
- WAF is also good against attacks. You can create rules, rule-actions etc. Sadly it's not completely free. It runs "pay-as-you-use" style. https://aws.amazon.com/waf/pricing/
- you can store the access log in S3 and analyse it later, but this can be costly in the end (and it's not real time)
- you can analyse your log records with Lambda function. In this case, you need to use some NoSQL or something to store states or logics. (Lambda and DynamoDB is "pay-as-you-use" style and cheap, but not for free)
Keep in mind that:
- The load balancer and lambda also increments the corresponding CloudWatch metric (it's cheap, but not for free)
- You will pay for the outgoing data transfer. I mean from AWS to internet 1TB/month/account is always free (through CloudFront): https://aws.amazon.com/free/
- you should use AWS's own services if you want a cheap and good solution
Upvotes: 1
Reputation: 16
Elastic Load Balancing provides access logs that capture detailed information about requests sent to your load balancer. Each log contains information such as the time the request was received, the client's IP address, latencies, request paths, and server responses.
But keep in mind that access logging is an optional feature of Elastic Load Balancing that is disabled by default. After you enable access logging for your load balancer, Elastic Load Balancing captures the logs and stores them in the Amazon S3 bucket that you specify as compressed files. You can disable access logging at any time.
There are many complex and paid application that returns information regard access log but i advise you a simple, easy to use website that i use when i want to see top requester on our load balancer.
Website is https://vegalog.net
You shoud only upload your log file taken from S3 bucket and it returns to you a report with top requester, who they are (using whois function), response time and other useful informations.
Upvotes: 0
Related Questions
- How can you tail AWS application load balancer logs? Is it really this hard? If so, why?
- AWS CloudWatch Logs Insights
- AWS Log Aggregator on the Cheap
- AWS Network Load Balancer access logs modification
- Enabling access logs for Application Load Balancer
- ELB log interpretation
- AWS, ELB, EC2 - How to enable detailed request logging for EC2 instances using ELB
- ELB: logs from two nodes
- Logs for actions on amazon s3 / other AWS services
- Aws Elastic Load Balancer