- Newest
- Most votes
- Most comments
Hello.
Can I enable access logging for ALB?
I believe this log records host headers, etc.
If the host header is not present at this point, it may have been deleted by HAProxy, and if there is a host header, it may have been deleted by ALB.
You may also be able to see why the request is failing.
https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-access-logs.html
It started working now but I'm still not very sure what made it not working in the first place. Few things I noticed along the way:
- AWS doesn't like if the number of used AZs on the EndPoint Service account (e.g. account-B) doesn't match with the number of AZs on the VPC PrivateLink account (e.g. account-A)
- The NLB that associated with the the EndPoint Service (on account-B) needs to be cross-zone load balancing enabled
- Also, I read somewhere that at least two registered targets are required (on account-B behind the NLB) to make it work but not very sure about it.
My NLB was cross-zone enabled from the very begining, and I made of point #1 and #3 the moment I git 400 error for the first time. So, all three points were true for me. What I did along the way, disabled and re-enabled NLB cross-zone load balancing capability and it seems like started working at somepoint after that. I'm not entirely sure if that was the case then question still remains why it didn't work before as it was enabled from day one. ALB access-log didn't have any useful or obvious information at all. Did anyone experience anything similar at all?
-S
Relevant content
- asked 5 months ago
- asked a year ago
- asked 2 years ago
- AWS OFFICIALUpdated 9 months ago
- AWS OFFICIALUpdated 8 months ago
- AWS OFFICIALUpdated 20 days ago
- AWS OFFICIALUpdated 4 months ago