This section discusses in detail the different levels of logging for each virtual service.

Client logs are viewable within the Logs tab of virtual service and pools and provide a record of client interactions with the site. Logs can be an expensive task to collect and index, particularly taxing for the storage allocated to both SEs and NSX Advanced Load Balancer Controllers. Because of this, NSX Advanced Load Balancer has many options for enabling different logging levels for each virtual service.

Significant Logs

Always enabled, NSX Advanced Load Balancer records all significant logs, which generally means errors. The definition of an error is defined by the analytics profile attached to the virtual service. Significant logs are collected by the SEs and offloaded to the NSX Advanced Load Balancer Controller when a user sends a log query to the NSX Advanced Load Balancer Controller.

For more information, see On-Demand Approach for Handling Significant Logs.

Full Client Logs

In addition to significant logs, NSX Advanced Load Balancer may also capture “good” network connection and HTTP traffic. Full-client logging is enabled for the first 30 minutes when a new virtual service is created. After this time lapses, full-client logging is deactivated, and the virtual service drops back to only recording significant logs. Full-client logs capture all connections and HTTP requests and responses.

These logs are collected and stored in the SE. When the admin requests to view virtual service or pool logs, the Controller pulls the logs from SEs, indexes and displays the results. Because SEs typically have less storage capacity, these logs may rotate quickly depending on the allocated SE storage and the rate of new connections or requests.

DataScript

If an error occurs within a DataScript, the results will be logged. Expand a client log and select All Headers to view DataScript error details.DataScripts may also be configured to log custom information.

When configured and activated for a connection or request (i.e., any prerequisite if the condition is met), a full-client log will be created for the connection or request, including the custom DataScript log value.

The full-client log will be created even if full-client logging is not active. A common use case is only to provide detailed records for connections that match specific criteria determined by the DataScript.

Policies

Policies are used similar to DataScript to capture a full-client log. If the logging option is enabled and the policy match is true, then a full-client log for the connection or request is generated. While policies can mark a connection or request to generate a full-client log, policies cannot create custom log data whereas a DataScript can create custom log data.

All Headers

Full-client logs include nearly 100 data points, including many that are not shown in the NSX Advanced Load Balancer UI. To view all captured data, export the logs to view in a third-party viewer.

By default, full-client logs do not capture all client HTTP requests and server response headers. This expanded information may be captured by editing the Virtual Service > Analytics tab. First, ensure that full-client logging is enabled. Then create a custom log filter with the All Headers button enabled.

The best practice is to define a reasonably restrictive filter for the All Headers option. The request and response headers may be huge, sometimes exceeding 40 KB per log. For this reason, enable this feature temporarily while troubleshooting, then disable it afterwards. To view the all-headers data, expand a client log and select the View All Headers button.