Custom Log Push Fields
If you need to push HTTP request headers, HTTP response headers, Cookie values, or certain field values in the HTTP request body, you can accurately record these information in the logs using the custom log field feature.
Use Restrictions
Currently, only real-time logs - site acceleration logs support adding custom fields;
In the same real-time log push task, custom field names must not be duplicated;
A maximum of 200 Custom Definition fields can be configured;
Field names are case-sensitive and must exactly match the original field names in HTTP actions;
When the field type is selected as request header, response header, or Cookie, the field name can be 1 to 100 characters long, starting with a letter, consisting of letters, digits, and hyphens (-), and ending with a letter or digit;
When the field type is selected as request body, you can use Google RE2 regular expressions to extract the specified content;
For a single request body type field, the maximum length of the regular expression is 4 KB;
For a single request body type field, the maximum length of the extracted content is 1,000 bytes. Contents exceeding this limit will be truncated and discarded;
Up to 5 request body type custom fields can be added for a single real-time log push task.
Example 1: Logging the value of a specified response header
Sample Scenario
In some business scenarios, understanding the size of the response body is crucial for monitoring network traffic and optimizing performance. To achieve this, custom definition log fields can be configured to record the value of the
Content-Length header for each response.Operation step
1. Access the EdgeOne console, locate the left-hand menu, and select the Site List. Within this listing, click on the Site requiring configuration.
2. On the Site Details Page, click Log Service > Real-time Logs.
3. On the Real-time Logs page, click Create shipping task.
4. On Select the log source Page, fill in the Task name, select the Log type Service area, the Domain name/Layer 4 Proxy Instance for which the logs need to be pushed, and click Next.
5. On the Define delivery content page, click Add custom field.
5.1 Select the field type as Response Header;
5.2 Enter the field name as
Content-Length;5.3 click Save.
6. After configuring the destination, click Ship.
Example 2: Logging Specified Content from the Request Body
Sample Scenario
Assume that you need to extract the
account field from a POST request's request body JSON object for analyzing the access behaviors of different user accounts.Operation Step
1. Log in to the EdgeOne console, and on the left sidebar, click Site List . In the site list, click the site to be configured.
2. On the Site Details page, click Log Service > Real-time Logs.
3. On the Real-time Logs page, click ++Create shipping task++.
4. On the Select the log source page, fill in the task name, select the log type, service area, and the domain name for which the logs to be pushed, and then click Next .
5. On the Define Push Content page, click Add custom field .
5.1 Select the field type as Request body.
5.2 Fill in the field name as
"account": "(.*?)" .5.3 Click Save .
6. After configuring the destination, click Push.
7. Send a test request to check whether the log recording behavior meets expectations. The test command is as follows:
curl -X POST https://www.example.com -H "Content-Type: application/json" -d '{"account": "user123", "password": "pass456"}'
8. The received logs will include the
RequestBodyCustom1 field, presented as a key-value pair in the example. If you add multiple request body type custom fields in a single real-time log push task, the received logs will sequentially include RequestBodyCustom1 , RequestBodyCustom2 , and so on.{"RequestBodyCustom1":"\"account\": \"user123\""}
References
If you would like to understand the meanings of various HTTP request and response headers to decide whether to log them, please refer to HTTP Standard Header Explanation.