Proxy Logs Attributes

Detailed information about Proxy logs attributes, cache source codes, and delivery status codes

The Traffic Viewer page of the Webscale Control Panel enables you to view Proxy logs attribute information for an application within a specified time period. For more information on accessing Traffic Viewer, see Access Traffic Viewer.

The following Proxy logs attributes table provides Proxy logs attribute information. You can view the name, display name, aliases, and a description for each attribute. Specific codes, presented in the Cache source codes and Delivery status codes tables, are returned for the cache_source and delivery_status proxy logs attributes.


Proxy logs attributes

Name Display Name Aliases Description
arrival Arrival arrival ISO 8601-formatted date when the request arrived at the Webscale proxy
bytes_in Bytes in bytes_in Bytes that the Webscale proxy received, including request line and headers
bytes_out Bytes out bytes_out Bytes that the Webscale proxy sent to the client, including response headers
cache_control Cache control cache_control Contents of the Cache-Control response header
cache_source Cache source cache_source Two-letter codes that indicate the action the source took while responding to the request
completed Completed completed ISO 8601-formatted date for when processing the request was completed
country Country country Two-letter ISO 3166-2 country code for the origin of the request
delivery_status Delivery status delivery_status Numeric codes that indicate the delivery status of the request. “0” for traffic proxied through to the application. When not “0,” the Webscale proxy handled the request directly.
elapsed Elapsed elapsed Interval between when the proxy received the request and sent the complete response
internal_transport_latency Internal latency internal_latency
Internal proxy delay while processing the request
labels Labels labels List of user-defined labels used to track traffic with the Add Labels web control action
load_id Load ID load_id Unique ID that identified a user-initiated pageload. All resource requests shared the ID to render the page.
location Location location Contents of the Location response header
peer_address Peer address peer_address IP address of the immediate peer connecting to the proxy. If the peer is a trusted proxy, the remote IP address of the user agent that made the request is used.
proxy_address Proxy address proxy_address IP address of the proxy that handled the request
queue_latency Queue latency queue_latency Amount of time that the request spent queued on the proxy, possibly due to a slow backend
range Range range Contents of the Range request header
referrer Referrer referrer Contents of the Referer request header
request_address Request address request_address Remote IP address of the user agent that made the request
request_host Request host host
Contents of the Host request header
request_id Request ID request_id Unique ID for each request that the proxy served
request_method Request method request_method HTTP request method
request_path Request path request_path Virtual path of the request (latter portion of the request URL separated by backslashes after the main website name)
request_port Request port request_port Port number that received the request
request_protocol Request protocol protocol
HTTP protocol version
request_query Request query request_query URL request query parameters (located in the latter sections of the request URL)
request_url Request URL request_url String with the host, scheme, path, and query parameters for the request
response_content_type Response content type content_type
Contents of the Content-Type response header
server_address Server address server_address Application server address used to fulfill the request
server_latency Server latency server_latency Interval between when the server received the request and the browser received the last byte of the response
session_id Session ID session_id Unique ID that a server assigned to a specific user for a session
status_code Status code response_status_code
Response status code that indicates if the specific request successfully completed
threat Threat threat “y” if the IP address was a potential attacker. “n” otherwise.
tls_cipher TLS cipher tls_cipher Encryption algorithms for transport layer security
tls_version TLS version tls_version
Highest version of the transport layer security protocol that the client supported
ttfb TTFB ttfb
Interval between when the data plane received the request and sent the first byte of the response
url_map URL map url_map Name of the url map used in a web control that resulted in the request being redirected
useragent User agent useragent
Contents of the User-Agent request header
useragent_device User agent device useragent_device
Device type used to make the request (e.g., smartphone, desktop, etc.)
useragent_name Browser browser
Browser type used to make the request (e.g., Google Chrome, Safari, etc.)
useragent_os User agent OS useragent_os
Operating system type used to make smartphone request (e.g., Android, Mac, etc.)
webcontrols Web controls webcontrols List of web controls that ran for this request

Cache source codes

The two-letter cache source codes identify the actions that the cache_source log attribute indicates.

Source Code Explanation
NE “Not Eligible” — Request did not match any site cache conditions and pagespeed did not cache it
PH “Pagespeed Hit” — Request was served from the cache when optimization was turned on and the resources required to render the page were present in the cache
PM “Pagespeed Miss” — Request was not served from the cache when optimization was turned on and the resources required to render the page were not present in the cache
PF “Pagespeed Fill” — Request initiated a pagespeed fill when optimization was turned on and the resources required to render the page were seen for the very first time
SH “Site Cache Hit” — Request was served from the cache when the site cache was turned on and the request matched a site cache condition which was present in the cache
SM “Site Cache Miss” — Request was not served from the cache when site cache was turned on and the request matched a site cache condition which was not present in the cache
SF “Site Cache Fill” — Request initiated a site cache fill when site cache was turned on and the request matched one of the site cache conditions for the very first time

Delivery status codes

The delivery status codes identify how the response was generated. All non-zero values of these codes signify that the Webscale proxy server intercepted the request.

Status Code Description
0 Request fulfilled by an application server
1 Request rejected because the source IP address was in the blacklist
2 Request rejected due to the activated WAF rule that the user uploaded
3 Request rejected because it was sitting in the suspended queue for a time equal to or greater than maximum_queue_time
4 Request rejected because the proxy could not process the request since the suspended queue was full
5 Shield mode turned on. The request was presented with the captcha page.
6 Shield mode turned on. The client successfully validated the captcha page.
7 Shield mode turned on. The user made an unsuccessful attempt to verify the captcha.
8 Shield mode turned on and the client presented an invalid token. The request was presented with the captcha page.
9 Request denied by the Deny Request web control action
10 Request redirected by the Redirect Request or Redirect Using Map web control action
11 Request had a mod_pagespeed_beacon
12 Internal request
13 Request satisfied by Amazon Cloudfront
14 Request is satisfied from the proxy. This includes but is not necessarily limited to:
  • 421 Misdirected errors where the SNI host does not match HTTP header host
  • 502 Bad gateway when the backend cannot be connected
  • 404 Not found when path contains escaped slashes (%2F)
  • 200 Delivering robots.txt from the CDN hostname (vhost)
  • 405 Method not allowed for TRACE method requests
  • 400 Bad request for bad URLs
  • 403 Backend certificate could not be validated
15 Request that is responsible for filling the cache in case of a miss
16 Request that can be satisfied from the cache now or in the future:
  • If the page was cached, the request is satisfied from the cache
  • If the page was not cached, a fill request will be initiated to fill the cache
17 Request had a bad port number
18 Request is satisfied by the microsite
19 Role-based access control: User redirected to the Webscale Control Panel page to authenticate
20 Role-based access control: Successful authentication. User did have the necessary role.
21 Role-based access control: Unsuccessful authentication. User did not have the necessary role.
22 Client-closed connection (499 status code)

Further Reading

Have questions not answered here? Please Contact Support to get more help.

Last modified October 20, 2021