Support

Find answers, guides, and tutorials to supercharge your content delivery.

KeyCDN Log Format

Updated on October 4, 2018

The log fields are separated by | (pipe). See the example below.

  1. Timestamp incl. msec (e.g. 1383918771.123)
  2. POP (point of presence)
  3. IP address of the client (e.g. 111.111.111.0 or 2001:be:ef::1)
  4. HTTP status code. A full list of all status codes is available on Wikipedia
  5. Bytes sent for this request (e.g. 1392)
  6. User ID (e.g. uid1234)
  7. Zone ID (e.g. zid4321)
  8. Zone Alias (preferred) or Zone domain (e.g. cdn.example.com)
  9. Cache status (e.g. HIT)
  10. CLF request (e.g. “GET /path/folder/image-15kb.jpg HTTP/1.1”)
  11. CLF date (e.g. [13/Aug/2014:22:23:02 +0200])
  12. Referrer (enclosed by double quotes)
  13. Agent (enclosed by double quotes)
  14. Scheme (e.g. https)
  15. TLS Version (e.g. TLSv1.2)
  16. Country Code (e.g. US)
  17. Region Code two-symbol country region (state, province, etc) code (e.g CA)
  18. Organization (e.g. “AS14618 Amazon.com, Inc.”)
  19. Byte Range bytes=<range requested> (e.g. bytes=512-1024)

Note: The client IP is anonymized by setting the last octet to 0 to be GDPR compliant.

Example

1407961382.123|usla|111.111.111.0|200|253061|uid1234|zid4321|lorem-1.kxcdn.com|HIT|"GET /lorem.jpg HTTP/1.1"|[13/Aug/2014:22:23:02 +0200]|"http://www.yourwebsite.com"|"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Firefox/31.0"|https|TLSv1.2|US|CA|"AS14618 Amazon.com, Inc."|-
KeyCDN uses cookies to make its website easier to use. Learn more about cookies.