Tracing requests as they move through CloudFront and ALB can be challenging. This article demonstrates how to correlate logs from these services by leveraging the X-Amz-Cf-Id and X-Amzn-Trace-Id headers automatically injected by CloudFront and ALB. By including these headers in your backend server logs, you can achieve comprehensive end-to-end transaction tracing.
Understanding CloudFront and ALB Headers
When CloudFront forwards an HTTP request to its origin, it automatically injects the X-Amz-Cf-Id
header, which contains an opaque string uniquely identifying the request. This value is logged in the CloudFront access logs under the x-edge-request-id
field.
Similarly, ALB automatically injects the X-Amzn-Trace-Id
header when forwarding a request to the target group. This header's value is logged in the ALB access logs under the trace_id
field.
Enriching Backend Server Logs
To effectively correlate logs, it's essential to capture these headers in your backend server's access logs. For instance, to include these headers in Nginx access logs, you would modify the nginx.conf
configuration file. Specifically, you would update the log_format
directive to extract the header values and log them as additional fields, such as "$http_x_amz_cf_id"
and "$http_x_amzn_trace_id"
.
Correlating Logs Across Services
With these headers now logged on your backend server, you can correlate each transaction across CloudFront and ALB logs. This allows you to trace the complete path of a request, ensuring seamless tracking and troubleshooting.
Solution Diagram