Logging
You can enable, disable, and view logs for an external HTTP(S) load balancer backend service. For external HTTP(S) load balancers with backend buckets, logging is automatically enabled and cannot be disabled.
You enable or disable logging for each backend service. You can configure whether to log all requests or a randomly sampled fraction.
You must ensure that you don't have a logs exclusion that applies to
external HTTP(S) load balancers. For instructions about how to verify that Cloud HTTP Load
Balancer
logs are allowed, see Viewing resource-type
exclusions.
Enabling logging on a new backend service
Console
In the Google Cloud console, go to the Load Balancing page.
Click the name of your load balancer.
Click
Edit.Click Backend Configuration.
Select Create a backend service.
Complete the required backend service fields.
Click Enable logging.
In the Sample rate field, set the sampling probability. You can set a number from
0.0
through1.0
, where0.0
means that no requests are logged and1.0
means that 100% of the requests are logged. The default value is1.0
.To finish editing the backend service, click Update.
To finish editing the load balancer, click Update.
gcloud: Global mode
Create a backend service and enable logging by using the
gcloud compute backend-services create
command.
gcloud compute backend-services create BACKEND_SERVICE \ --global \ --enable-logging \ --logging-sample-rate=VALUE \ --load-balancing-scheme=EXTERNAL_MANAGED
where
--global
indicates that the backend service is global. Use this field for backend services used with global external HTTP(S) load balancers.--enable-logging
enables logging for that backend service.--logging-sample-rate
lets you specify a value from0.0
through1.0
, where0.0
means that no requests are logged and1.0
means that 100% of the requests are logged. Only meaningful with the--enable-logging
parameter. Enabling logging but setting the sampling rate to0.0
is equivalent to disabling logging. The default value is1.0
.
gcloud: Classic mode
Create a backend service and enable logging by using the
gcloud compute backend-services create
command.
gcloud compute backend-services create BACKEND_SERVICE \ --global \ --enable-logging \ --logging-sample-rate=VALUE \ --load-balancing-scheme=EXTERNAL
where
--global
indicates that the backend service is global. Use this field for backend services used with a global external HTTP(S) load balancer (classic).--enable-logging
enables logging for that backend service.--logging-sample-rate
lets you specify a value from0.0
through1.0
, where0.0
means that no requests are logged and1.0
means that 100% of the requests are logged. Only meaningful with the--enable-logging
parameter. Enabling logging but setting the sampling rate to0.0
is equivalent to disabling logging. The default value is1.0
.
Enabling logging on an existing backend service
Console
In the Google Cloud console, go to the Load Balancing page.
Click the name of your load balancer.
Click
Edit.Click Backend Configuration.
Click
Edit next to your backend service.Click Enable logging.
In the Sample rate field, set the sampling probability. You can set a number from
0.0
through1.0
, where0.0
means that no requests are logged and1.0
means that 100% of the requests are logged. The default value is1.0
.To finish editing the backend service, click Update.
To finish editing the load balancer, click Update.
gcloud: Global mode
Enable logging on an existing backend service with the
gcloud compute backend-services update
command.
gcloud compute backend-services update BACKEND_SERVICE \ --global \ --enable-logging \ --logging-sample-rate=VALUE
where
--global
indicates that the backend service is global. Use this field for backend services used with global external HTTP(S) load balancers.--enable-logging
enables logging for that backend service.--logging-sample-rate
lets you specify a value from0.0
through1.0
, where0.0
means that no requests are logged and1.0
means that 100% of the requests are logged. Only meaningful with the--enable-logging
parameter. Enabling logging but setting the sampling rate to0.0
is equivalent to disabling logging. The default value is1.0
.
gcloud: Classic mode
Enable logging on an existing backend service with the
gcloud compute backend-services update
command.
gcloud compute backend-services update BACKEND_SERVICE \ --global \ --enable-logging \ --logging-sample-rate=VALUE
where
--global
indicates that the backend service is global. Use this field for backend services used with a global external HTTP(S) load balancer (classic).--enable-logging
enables logging for that backend service.--logging-sample-rate
lets you specify a value from0.0
through1.0
, where0.0
means that no requests are logged and1.0
means that 100% of the requests are logged. Only meaningful with the--enable-logging
parameter. Enabling logging but setting the sampling rate to0.0
is equivalent to disabling logging. The default value is1.0
.
Disabling or modifying logging on an existing backend service
Console
In the Google Cloud console, go to the Load Balancing page.
Click the name of your load balancer.
Click
Edit.Click Backend Configuration.
Click
Edit next to your backend service.Clear Enable logging to disable logging entirely.
If you leave logging enabled, you can set a different sampling probability in the Sample rate field. You can set a number from
0.0
through1.0
, where0.0
means that no requests are logged and1.0
means that 100% of the requests are logged. The default value is1.0
. To reduce the number of stored logs to 20%, set the value to0.2
.To finish editing the backend service, click Update.
To finish editing the load balancer, click Update.
gcloud: Global mode
Disable logging on a backend service with the
gcloud compute backend-services update
command.
Disabling logging entirely
gcloud compute backend-services update BACKEND_SERVICE \ --global \ --no-enable-logging
where
--global
indicates that the backend service is global. Use this field for backend services used with global external HTTP(S) load balancers.--region
indicates that the backend service is regional. Use this field for backend services used with regional external HTTP(S) load balancers.--no-enable-logging
disables logging for that backend service.
Modifying the logging sample rate
gcloud compute backend-services update BACKEND_SERVICE \ --global \ --logging-sample-rate=VALUE
gcloud: Classic mode
Disable logging on a backend service with the
gcloud compute backend-services update
command.
Disabling logging entirely
gcloud compute backend-services update BACKEND_SERVICE \ --global \ --no-enable-logging
where
--global
indicates that the backend service is global. Use this field for backend services used with a global external HTTP(S) load balancer (classic).--no-enable-logging
disables logging for that backend service.
Modifying the logging sample rate
gcloud compute backend-services update BACKEND_SERVICE \ --global \ --logging-sample-rate=VALUE
where
--global
indicates that the backend service is global. Use this field for backend services used with a global external HTTP(S) load balancer (classic).--logging-sample-rate
lets you specify a value from0.0
through1.0
, where0.0
means that no requests are logged and1.0
means that 100% of the requests are logged. Only meaningful with the--enable-logging
parameter. Enabling logging but setting the sampling rate to0.0
is equivalent to disabling logging.
Viewing logs
To follow step-by-step guidance for this task directly in the Google Cloud console, click Guide me:
HTTP(S) logs are indexed first by a forwarding rule, then by a URL map.
To view logs, go to the Logs Explorer page:
To view all logs, in the Resource filter menu, select Cloud HTTP Load Balancer > All forwarding rules.
To view logs for one forwarding rule, select a single forwarding rule name.
To view logs for one URL map, select a forwarding rule, and then select a URL map.
Log fields of type boolean typically only appear if they have a value of true
.
If a boolean field has a value of false
, that field is omitted from the log.
UTF-8 encoding
is enforced for log fields. Characters that are not UTF-8
characters are replaced with question marks.
For a global external HTTP(S) load balancer (classic) and global external HTTP(S) load balancers, you can export
logs-based metrics using
resource logs (resource.type="http_load_balancer"
). The metrics
created are based on the "Google Cloud HTTP Load Balancing Rule
(Logs-based Metrics)" resource (l7_lb_rule
), which is available under
Cloud Monitoring dashboards instead of under the https_lb_rule
resource.
What is logged
external HTTP(S) load balancer log entries contain information useful for monitoring and debugging your HTTP(S) traffic. Log records contain required fields, which are the default fields of every log record.
Field | Field format | Field type: Required or Optional | Description |
---|---|---|---|
severity timestamp insertID logName |
LogEntry | Required | The general fields as described in a log entry. |
httpRequest | HttpRequest | Required | A common protocol for logging HTTP requests.
|
resource | MonitoredResource | Required | The MonitoredResource is the resource type associated with a log entry. The MonitoredResourceDescriptor
describes the schema of a |
jsonPayload | object (Struct format) | Required | The log entry payload that is expressed as a JSON object. The JSON
object contains the following fields:
|
string | Required | The statusDetails field
holds a string that explains why the load balancer returned
the HTTP status that it did. For more information about these log strings,
see statusDetails HTTP success messages and
statusDetails HTTP failure messages. |
Resource labels
The following table lists the resource labels forresource.type="http_load_balancer"
.
Field | Type | Description |
---|---|---|
backend_service_name |
string | The name of the backend service. |
forwarding_rule_name |
string | The name of the forwarding rule object. |
project_id |
string | The identifier of the Google Cloud project associated with this resource. |
target_proxy_name |
string | The name of the target proxy object referenced by the forwarding rule. |
url_map_name |
string | The name of the URL map object configured to select a backend service. |
zone |
string | The zone in which the load
balancer is running. The zone is global . |
statusDetails HTTP success messages
statusDetails (successful) | Meaning | Common accompanying response codes |
---|---|---|
byte_range_caching
|
The HTTP request was served using Cloud CDN byte range caching. | Any cacheable response code is possible. |
response_from_cache
|
The HTTP request was served from a Cloud CDN cache. | Any cacheable response code is possible. |
response_from_cache_validated
|
The return code was set from a Cloud CDN cached entry that was validated by a backend. | Any cacheable response code is possible. |
response_sent_by_backend
|
The HTTP request was proxied successfully to the backend, and the response was returned by the backend. | The HTTP response code is set by the software running on the backend. |
statusDetails HTTP failure messages
statusDetails (failure) | Meaning | Common accompanying response codes |
---|---|---|
aborted_request_due_to_backend_early_response
|
A request with body was aborted due to the backend sending an early response with an error code. The response was forwarded to the client. The request was terminated. | 4XX or 5XX |
backend_connection_closed_after_partial_response_sent
|
The backend connection closed unexpectedly after a partial response had been sent to the client. | The HTTP response code is set by the software running on the backend. HTTP response code 0 (zero) means that the backend sent incomplete HTTP headers. |
backend_connection_closed_before_data_sent_to_client
|
The backend unexpectedly closed its connection to the load balancer before the response was proxied to the client. This can happen if the load balancer is sending traffic to another entity. The other entity might be a third-party load balancer that has a TCP timeout that is shorter than the external HTTP(S) load balancer's 10-minute (600-second) timeout. The third-party load balancer might be running on a VM instance. Manually setting the TCP timeout (keepalive) on the target service to greater than 600 seconds might resolve the issue. | 502 |
backend_early_response_with_non_error_status
|
The backend sent a non-error response (1XX or 2XX) to a request before receiving the whole request body. | 502 |
backend_interim_response_not_supported
|
The backend sent an interim 1XX response to the request in a context where interim responses are not supported. | 502 |
backend_response_corrupted
|
The HTTP response body sent by the backend has invalid chunked transfer-encoding or is otherwise corrupted. | Any response code possible depending on the nature of the corruption. Often 502. |
backend_response_headers_too_long
|
The HTTP response headers sent by the backend exceeded the allowed limit. See the Header size for external HTTP(S) load balancers section for more information. | 502 |
backend_timeout
|
The backend timed out while generating a response. | 502 |
banned_by_security_policy
|
The request was banned by a Google Cloud Armor rate-based ban rule. | 429 |
body_not_allowed
|
The client sent an HTTP request with a body, but the HTTP method used does not allow a body. | 400 |
byte_range_caching_aborted
|
The load balancer previously received a response indicating that the resource was cacheable and supported byte ranges. Cloud CDN received an inconsistent response (for example, one with a response code other than the expected 206 Partial Content). This happened when attempting to perform cache fill using a byte range request. As a result, the load balancer aborted the response to the client. | 2XX |
byte_range_caching_forwarded_backend_response
|
The load balancer previously received a response indicating that the resource was cacheable and supported byte ranges. Cloud CDN received an inconsistent response (for example, one with a response code other than the expected 206 Partial Content). This happened when attempting to perform cache fill using a byte range request. The load balancer then forwarded the inconsistent response to the client. | Returned from the backend—any response code is possible. |
byte_range_caching_retrieval_abandoned
|
The client canceled a byte range request or validation request initiated by Cloud CDN. | Returned from the backend—any response code is possible. |
byte_range_caching_retrieval_from_backend_failed_after_partial_response
|
A byte range request or validation request initiated by Cloud CDN encountered an error. Refer to the corresponding Cloud Logging log entry for the request initiated by Cloud CDN for the detailed backend status. | 2XX |
cache_lookup_failed_after_partial_response
|
The load balancer failed to serve a full response from Cloud CDN cache due to an internal error. | 2XX |
cache_lookup_timeout_after_partial_response
|
The Cloud CDN cache lookup stream timed out because the client did not retrieve the content in a timely manner. | 2XX |
client_disconnected_after_partial_response
|
The connection to the client was broken after the load balancer sent a partial response. | Returned from the backend—any response code is possible. |
client_disconnected_before_any_response
|
The connection to the client was broken before the load balancer sent any response. | 0 |
client_timed_out
|
The Google Front End (GFE) idled out the client connection due to lack of progress while it was proxying either the request or the response. | 0 or 408 |
client_cert_invalid_rsa_key_size
|
A client leaf or intermediate certificate had an invalid RSA key size. For more information, see Logged errors for closed connections. | 0 |
client_cert_unsupported_elliptic_curve_key
|
A client or intermediate certificate is using an unsupported elliptic curve. For more information, see Logged errors for closed connections. | 0 |
client_cert_unsupported_key_algorithm
|
A client or intermediate certificate is using a non-RSA or non-ECDSA algorithm. For more information, see Logged errors for closed connections. | 0 |
client_cert_pki_too_large
|
The PKI to be used for validation has more than three intermediate certificates that share the same Subject and Subject Public Key Info. For more information, see Logged errors for closed connections. | 0 |
client_cert_chain_max_name_constraints_exceeded
|
An intermediate certificate provided for validation had more than ten name constraints. For more information, see Logged errors for closed connections. | 0 |
client_cert_chain_invalid_eku |
Either the client certificate or its issuer does not have
Extended Key Usage (EKU) that includes clientAuth . For more information, see
Logged errors for closed connections.
|
0 |
client_cert_validation_timed_out
|
Time limit exceeded while validating the certificate chain. For more information, see Logged errors for closed connections. | 0 |
client_cert_validation_search_limit_exceeded
|
The depth or iteration limit is reached while attempting to validate the certificate chain. For more information, see Logged errors for closed connections. | 0 |
client_cert_validation_not_performed
|
You have configured mTLS without setting up a TrustConfig .
For more information, see
Logged errors for closed connections.
|
0 |
client_cert_not_provided
|
The client did not provide the requested certificate during the handshake. For more information, see Logged errors for closed connections. | 0 |
client_cert_validation_failed
|
Client certificate fails validation with the TrustConfig .
For more information, see
Logged errors for closed connections.
|
0 |
config_not_found
|
The load balancer doesn't have a backend configured. | 404 or 503 |
direct_response
|
The load balancer overrode this request and returned a fixed response. | You might see any HTTP response code depending on the nature of the issue. For example, the HTTP 410 response code means that the backend is unavailable due to payment delinquency. |
denied_by_security_policy
|
The load balancer denied this request because of a Google Cloud Armor security policy. | Configured in the security policy. |
error_uncompressing_gzipped_body
|
There was an error uncompressing a gzipped HTTP response. | 503 |
failed_to_connect_to_backend
|
The load balancer failed to connect to the backend. This includes timeouts during the connection phase. | 502 |
failed_to_pick_backend
|
The load balancer failed to pick a healthy backend to handle the request. | 502 |
failed_to_negotiate_alpn
|
The load balancer and the backend failed to negotiate an application layer protocol (such as HTTP/2) to use to communicate with each other over TLS. | 502 |
headers_too_long
|
The request headers were larger than the maximum allowed. | 413 |
http_version_not_supported
|
HTTP version not supported. Currently only HTTP 0.9, 1.0, 1.1, and 2.0 are supported. | 400 |
internal_error
|
Internal error at the load balancer. Normally represents a transient error in the load balancer infrastructure. Retry your query. | 4XX |
invalid_external_origin_endpoint
|
The configuration for the external backend is invalid. Review the internet NEG configuration and ensure that it specifies a valid FQDN/IP address and port. | 4XX |
invalid_request_headers
|
The HTTP request headers from a client are invalid. | 400 |
invalid_http2_client_header_format
|
The HTTP/2 headers from a client are invalid. | 400 |
multiple_iap_policies
|
Multiple Identity-Aware Proxy (IAP) policies cannot be combined. If you have an IAP policy attached to a backend service and another policy attached to a serverless object, remove one of the policies and try again. Serverless objects include App Engine, Cloud Run, and Cloud Functions. | 500 |
malformed_chunked_body
|
The request body was improperly chunk encoded. | 411 |
request_loop_detected
|
The load balancer detected a request loop. This loop might be caused by a misconfiguration where the backend forwarded the request back to the load balancer. | 502 |
required_body_but_no_content_length
|
The HTTP request requires a body but the request headers did not include a content length or transfer-encoding chunked header. | 400 or 403 |
secure_url_rejected
|
A request with an https:// URL was received over a plaintext HTTP/1.1 connection. | 400 |
ssl_san_verification_failed
|
The load balancer could not find a SAN (Subject Alternative Name) in the SSL certificate presented by backend that matches configured hostname. | 502 |
ssl_certificate_chain_verification_failed
|
The SSL certificate presented by the backend failed SSL certificate verification. | 502 |
throttled_by_security_policy
|
The request was blocked by a Google Cloud Armor throttle rule. | 429 |
unsupported_method
|
The client supplied an unsupported HTTP request method. | 400 |
unsupported_100_continue
|
The client request included 'Expect: 100-continue' header on a protocol that doesn't support it. | 400 |
upgrade_header_rejected
|
The client HTTP request contained the Upgrade header and was refused. | 400 |
websocket_closed
|
The WebSocket connection was closed. | 101 |
websocket_handshake_failed
|
The WebSocket handshake failed. | Any response code possible depending on the nature of the handshake failure. |
request_body_too_large
|
The HTTP request body exceeded the maximum supported by the backend. Not applicable for VM backends. | 413 |
handled_by_identity_aware_proxy
|
This response was generated by Identity-Aware Proxy during identity verification of the client before allowing access. | 200, 302, 400, 401, 403, 500, 502 |
serverless_neg_routing_failed
|
The serverless NEG request cannot be dispatched. This error can happen when the region specified in the NEG cannot be reached, or when the resource name (for example, the Cloud Functions name) cannot be found. | 404, 502 |
fault_filter_abort
|
This error can happen if the customer has configured a fault filter and the fault filter was triggered for the given request. | The value must be from 200 to 599. |
View logs for mTLS client certificate validation
To view the logged errors for closed connections during mutual TLS client certificate validation, complete the following steps.
Console query
In the Google Cloud console, go to the Logs Explorer page.
Click the Show query toggle.
Paste the following into the query field. Replace
FORWARDING_RULE_NAME
with the name of your forwarding rule.jsonPayload.statusDetails=~"client_cert" jsonPayload.@type="type.googleapis.com/google.cloud.loadbalancing.type.LoadBalancerLogEntry" resource.labels.forwarding_rule_name=FORWARDING_RULE_NAME
Click Run query.
Logging for backend buckets
Logging is automatically enabled for load balancers with backend buckets. You cannot modify or disable logging for backend buckets.
Logging for Google Cloud Armor
The table for statusDetail
HTTP failure messages contains some messages that
apply to Google Cloud Armor. For more information about what
Google Cloud Armor logs, see Using request logging.
Interacting with the logs
You can interact with the external HTTP(S) load balancer logs by using the Cloud Logging API. The Logging API provides ways to interactively filter logs that have specific fields set. It exports matching logs to Cloud Logging, Cloud Storage, BigQuery, or Pub/Sub. For more information about the Logging API, see Cloud Logging API overview.
Monitoring
The load balancer exports monitoring data to Cloud Monitoring.
You can use monitoring metrics to do the following:
- Evaluate a load balancer's configuration, usage, and performance
- Troubleshoot problems
- Improve resource utilization and user experience
In addition to the predefined dashboards in Cloud Monitoring, you can create custom dashboards, set up alerts, and query the metrics through the Cloud Monitoring API.
Viewing predefined Cloud Monitoring dashboards
Cloud Monitoring provides predefined dashboards to monitor your load balancers. These dashboards are automatically populated by Cloud Monitoring.
Perform the following steps to access the predefined dashboards:
Go to Monitoring in the Google Cloud console.
In the Monitoring navigation panel, click Dashboards.
Under Categories, click GCP.
To view a list of dashboards for all your Google Cloud load balancers, select the dashboard named Google Cloud Load Balancers. To view a specific load balancer's dashboard, locate the load balancer in the list and click its name.
To view the predefined dashboards for only your external HTTP(S) load balancers, select the dashboard named External HTTP(S) Load Balancers. This page displays a dashboard that shows the 5XX response ratios and backend latency for all external HTTP(S) load balancers in your project. It also provides a list of dashboards for all the external HTTP(S) load balancers in your project.
You can click through to each load balancer's dashboard. Each dashboard includes the following:- Pre-populated graphs that display breakdowns for responses by response code classes (5XX, 4XX, 3XX, 2XX)
- Total latency
- Backend latency
- Frontend RTT
- Request count
- A link to the logs for the load balancer
To view dashboards for third-party services, go back to the Dashboards page. Under Categories, click Other.
- To view a specific third-party service dashboard, locate it in the list and click its name.
Defining alerting policies
To follow step-by-step guidance for this task directly in the Google Cloud console, click Guide me:
You can create alerting policies to monitor the values of metrics and to notify you when those metrics violate a condition.
- In the Google Cloud console, go to the Monitoring page.
- In the Monitoring navigation pane, select notificationsAlerting.
- If you haven't created your notification channels and if you want to be notified, then click Edit Notification Channels and add your notification channels. Return to the Alerting page after you add your channels.
- From the Alerting page, select Create policy.
- To select the metric, expand the Select a metric menu and then do the following:
- To limit the menu to relevant entries, enter
Google Cloud HTTP/S Load Balancing Rule
into the filter bar. If there are no results after you filter the menu, then disable the Show only active resources & metrics toggle. - For the Resource type, select Google Cloud HTTP/S Load Balancing Rule.
- Select a Metric category and a Metric, and then select Apply.
- To limit the menu to relevant entries, enter
- Click Next.
- The settings in the Configure alert trigger page determine when the alert is triggered. Select a condition type and, if necessary, specify a threshold. For more information, see Create metric-threshold alerting policies.
- Click Next.
- Optional: To add notifications to your alerting policy, click Notification channels. In the dialog, select one or more notification channels from the menu, and then click OK.
- Optional: Update the Incident autoclose duration. This field determines when Monitoring closes incidents in the absence of metric data.
- Optional: Click Documentation, and then add any information that you want included in a notification message.
- Click Alert name and enter a name for the alerting policy.
- Click Create Policy.
Defining Cloud Monitoring custom dashboards
You can create custom Cloud Monitoring dashboards for the load balancer's metrics:
In the Google Cloud console, go to the Monitoring page.
Select Dashboards > Create Dashboard.
Click Add Chart, and then give the chart a title.
To identify the time series to be displayed, choose a resource type and metric type:
- In the Resource & Metric section, click the chart, and then
in the Select a metric section, select from the available options:
- For a global external HTTP(S) load balancer, select the resource type Google Cloud HTTP/S Load Balancing Rule.
- Click Apply.
- In the Resource & Metric section, click the chart, and then
in the Select a metric section, select from the available options:
To specify monitoring filters, click Filters > Add filter.
Click Save.
Metric reporting frequency and retention
Metrics for the external HTTP(S) load balancers are exported to Cloud Monitoring in 1-minute granularity batches. Monitoring data is retained for six (6) weeks. Metrics are based on sampled traffic (sampling rate is dynamic and cannot be adjusted). The dashboard provides data analysis in default intervals of 1H (one hour), 6H (six hours), 1D (one day), 1W (one week), and 6W (six weeks). You can manually request analysis in any interval from 6W to 1 minute.
Monitoring metrics
You can monitor the following metrics for external HTTP(S) load balancers.
The following metrics for global external HTTP(S) load balancers are
reported into Cloud Monitoring.
These metrics are prepended with loadbalancing.googleapis.com/
.
Metric | Name | Description |
---|---|---|
Request count | https/request_count |
The number of requests served by the external HTTP(S) load balancer |
Request bytes count | https/request_bytes_count |
The number of bytes sent as requests from clients to the external HTTP(S) load balancer |
Response bytes count | https/response_bytes_count |
The number of bytes sent as responses from the external HTTP(S) load balancer to clients |
Total latencies | https/total_latencies |
A distribution of the latency. Latency is the time between the first byte of the request received to the last byte of the response sent by the GFE. Total latencies are measured by request/response. Pauses between requests
on the same connection that use Example: A load balancer has 1 request per second from the UK, all with 100 ms latency, and 9 requests per second from the US, all with 50 ms latency. Over a certain minute there were 60 requests from the UK and 540 requests from the US. Monitoring metrics preserves the distribution over all dimensions. You can request information such as the following:
|
Frontend RTT* | https/frontend_tcp_rtt |
A distribution of the smoothed round trip time (RTT) measured for each connection between the client and the GFE (measured by the GFE's TCP stack). Smoothed RTT is an algorithm that deals with variations and anomalies that may occur in RTT measurements. |
Backend latencies* | https/backend_latencies |
A distribution of the latency measured from when the first request byte was sent by the GFE to the backend, until the GFE received from the backend the last byte of the response. For WebSocket connections, backend latencies apply to the entire duration of the WebSocket session. |
Response code class fraction | Fraction of total external HTTP(S) load balancer responses that are in each response code class (2XX, 4XX, ...). In Cloud Monitoring, this value is only available on default dashboards. It is not available for custom dashboards. You can use the API to set alerts for it. | |
Backend request count | https/backend_request_count |
The number of requests sent from the external HTTP(S) load balancer to the backends. |
Backend request bytes count | https/backend_request_bytes_count |
The number of bytes sent as requests from the external HTTP(S) load balancer to the backends. |
Backend response bytes count | https/backend_response_bytes_count |
The number of bytes sent as responses from the backends (including cache) to the external HTTP(S) load balancer. |
Filtering dimensions for metrics
You can apply filters for metrics for external HTTP(S) load balancer.
Metrics are aggregated for each global external HTTP(S) load balancer. You can filter
aggregated metrics by the following dimensions for
resource.type="http_load_balancer"
.
Property | Description |
---|---|
backend_scope | The Google Cloud scope
(region or zone)
of the backend service instance group that served the connection. If no instance group was available or if the request was served by another entity, you will see one of the following values instead of the region or zone of the backend service instance group.
When this breakdown is chosen, the charts show backend metrics (load balancer-to-backends), not frontend metrics (client-to-load balancer). |
backend_scope = "backend_zone" | If the instance group was a zonal instance group, the Google Cloud
zone of the
instance group that served the client's request. (Examples:
us-central1-a , europe-west1-b ,
asia-east1-c )When this breakdown is chosen, the charts show backend metrics (load balancer-to-backends), not frontend metrics (client-to-load balancer). |
backend_scope = "backend_region" | If the instance group was a regional instance group, the Google Cloud
region of the
instance group that served the client's request. (Examples:
us-central1 , europe-west1 ,
asia-east1 )When this breakdown is chosen, the charts show backend metrics (load balancer-to-backends), not frontend metrics (client-to-load balancer). |
proxy_continent | Continent of the HTTP(S) GFE that terminated the HTTP(S) connection.
(Examples: America , Europe , Asia ) |
backend_type = "INSTANCE GROUP" | The name of the instance group that served the client's request. If no instance group was available or if the request was served by another entity, you will see one of the following values instead of an instance group.
When this breakdown is chosen, the charts show backend metrics (load balancer-to-backends), not frontend metrics (client-to-load balancer). |
backend_target_type = "BACKEND_SERVICE" | The name of the backend service that served the request. |
matched_url_path_rule | The URL map path rule that matched the prefix of the HTTP(S) request (up to 50 characters). |
forwarding_rule_name | The name of the forwarding rule used by the client to send the request. |
What's next
- Read the External HTTP(S) load balancer overview.