View Logs (GREP)

The View Logs (GREP) tool uses the GREP command to retrieve and parse logs for an edge server IP address. The tool retrieves the logs for a particular hostname or CP code of your choice. You can get the logs from either the last 6 or 24 hours depending on the server and traffic conditions.

The tool fetches up to 5000 log lines that can help you identify errors in the traffic either between a client and an edge server or the edge server and origin.

Submit a request

Learn how to submit a request in the View logs (GREP) tool.

  1. Go to > SUPPORT > Edge Diagnostics.

  2. In the side menu, select > View logs (GREP).

  3. Select whether you want to filter the logs by Host headers or CP codes. Enter up to 10 values.

  4. Enter an Edge server IP of the server you want to get the logs from. You can get this values either from the User Diagnostic Data or Get Domain Details (DIG) tools' results.

  5. Select the Log record type of interest. You can get logs for:

    • Client requests to an edge server (r). Requests from client’s machine to an edge server.
    • Forward requests from an edge server (f).
    • Both.
  6. Select the Time period you want to get the logs for. You can get logs from either the last 6 or 24 hours depending on the server and traffic conditions.
    The recommended time frame is 10 minutes. It ensures that you quickly get only the most relevant data.

  7. Optional: Add filters.
    a. Select a filter to filter the logs by. The available filters are:
    - User agent. For the list of all possible values, check the List of User Agents.
    - HTTP status code. Click the hyperlink to specify if you want the filter to include or exclude specific values.
    - ARL. Akamai Resource Locator (ARL) is a modified object URL that contains an object's caching properties and resolves to the optimal Akamai server. To learn about the ARL syntax, check ARL syntax.
    - Client IP.

    b. Enter up to 10 filters values.

  8. Click Submit.

What you should see
If you entered more than host header or CP code, Edge Diagnostics divides your input; one request per host header or CP code/edge server IP pair. All requests appear in the Recent requests table.

Next steps
Click your request’s row to check the results. If you see Username icon in the Actions column, it means, that your request could not be processed and you need to retry.

Logs preview

The Logs preview include the following data:

  • Date time. The time when the request was submitted.
  • Log type. Either r, for requests from client to edge server or f, for forward requests from edge to origin server.
  • CS IP. Customer IP. The IP of a user’s machine. Not shown for forward requests.
  • FW IP. Forward IP. The IP of an edge server that forwarded the request to the origin server. Not shown for client requests.
  • CS method. Action taken by the user on CS URL, possible options are:
    • GET for getting a resource.
    • POST for creating a new resource.
    • PUT for updating a resource.
    • DELETE for deleting a resource.
  • CS URL. The URL accessed by the user of the CS IP.
  • CS status. The status of the operation represented by the HTTP response code.
  • Content type. The format of the downloaded object.
  • Bytes served. The number of bytes served by the server.
  • Bytes received. The number of bytes received and processed by the server.
  • Object size. The size of the downloaded object.
  • Time taken. The transfer time, in milliseconds.
  • Turnaround time:
    • r log line: The time between receipt of the end of the request headers and when the first byte of the reply is written to the client socket, in milliseconds.
    • f log line: The delta between when the last request byte was written and when first reply byte was received from the forward server (origin server, peer, or parent), in milliseconds.
  • CS (referer). The previous site visited by the user.
  • CS (user agent). The browser used by the user.
  • CS (cookie). The content of the cookie sent or received, if any.
  • Error. The error code returned. For details, check Error codes.
  • SSL version. Secure Sockets Layer version used during the request.
  • Host header. Header specifying the host and port number of the request's server.
  • Custom field: Contains the value specified by the metadata tag reporting:lds.custom-field. The value of this field is not fixed as the tag can take an extracted variable as its content.


Sharing Custom field

The Custom field may include sensitive information depending on the way the field's value is populated through property behaviour configuration. We recommend, you don't share these results.

For more details on returned Object status codes, check Object status.