Amazon CloudFront is a global content delivery network (CDN) service that accelerates delivery of your websites, APIs, video content or other web assets.
Enable this integration to see in Datadog all your CloudFront metrics.
If you haven’t already, set up the Amazon Web Services integration first.
CloudFront is checked under metric collection.When you enable CloudFront logging for a distribution, specify the Amazon S3 bucket that you want CloudFront to store log files in. If you’re using Amazon S3 as your origin, Datadog recommends that you do not use the same bucket for your log files; using a separate bucket simplifies maintenance.
Important note: Store the log files for multiple distributions in the same bucket. When enabling logging, specify cloudfront as prefix for the file names, to keep track of which log files are associated with which distributions.
Configure your trigger by choosing the S3 bucket that contains your Cloudfront logs and change the event type to Object Created (All) then click on the add button.
Once done, go in your Datadog Log section to start exploring your logs!
When creating a real-time log configuration, you can specify which log fields you want to receive. By default, all of the available fields are selected.
Datadog recommends that you keep this default configuration and add the following custom parsing rule to automatically process logs with all fields enabled.
Navigate to the Pipelines page, search for AWS CloudFront, [create or edit a grok parser processor][7], and add the following helper rules under Advanced Settings:
real_time_logs (%{number:timestamp:scale(1000)}|%{number:timestamp})\s+%{_client_ip}\s+%{_time_to_first_byte}\s+%{_status_code}\s+%{_bytes_write}\s+%{_method}\s+%{regex("[a-z]*"):http.url_details.scheme}\s+%{notSpace:http.url_details.host:nullIf("-")}\s+%{notSpace:http.url_details.path:nullIf("-")}\s+%{_bytes_read}\s+%{notSpace:cloudfront.edge-location:nullIf("-")}\s+%{_request_id}\s+%{_ident}\s+%{_duration}\s+%{_version}\s+IPv%{integer:network.client.ip_version}\s+%{_user_agent}\s+%{_referer}\s+%{notSpace:cloudfront.cookie}\s+(%{notSpace:http.url_details.queryString:querystring}|%{notSpace:http.url_details.queryString:nullIf("-")})\s+%{notSpace:cloudfront.edge-response-result-type:nullIf("-")}\s+%{_x_forwarded_for}\s+%{_ssl_protocol}\s+%{_ssl_cipher}\s+%{notSpace:cloudfront.edge-result-type:nullIf("-")}\s+%{_fle_encrypted_fields}\s+%{_fle_status}\s+%{_sc_content_type}\s+%{_sc_content_len}\s+%{_sc_range_start}\s+%{_sc_range_end}\s+%{_client_port}\s+%{_x_edge_detailed_result_type}\s+%{notSpace:network.client.country:nullIf("-")}\s+%{notSpace:accept-encoding:nullIf("-")}\s+%{notSpace:accept:nullIf("-")}\s+%{notSpace:cache-behavior-path-pattern:nullIf("-")}\s+%{notSpace:headers:nullIf("-")}\s+%{notSpace:header-names:nullIf("-")}\s+%{integer:headers-count}.*Real-time logs are delivered to the Kinesis Data Stream of your choice and can be directly forwarded to Datadog with the Kinesis Firehose integration.
You can also configure a consumer, such as Amazon Kinesis Data Firehose, to send Real-time logs to an S3 bucket and use the Datadog Lambda forwarder to ship logs to Datadog.
| aws.cloudfront.4xx_error_rate (gauge) | The percentage of all requests for which the HTTP status code is 4xx. Shown as percent |
| aws.cloudfront.5xx_error_rate (gauge) | The percentage of all requests for which the HTTP status code is 5xx. Shown as percent |
| aws.cloudfront.bytes_downloaded (count) | The number of bytes downloaded by viewers for GET, HEAD, and OPTIONS requests. Shown as byte |
| aws.cloudfront.bytes_uploaded (count) | The number of bytes uploaded to your origin with CloudFront using POST and PUT requests. Shown as byte |
| aws.cloudfront.requests (count) | The number of requests for all HTTP methods and for both HTTP and HTTPS requests. |
| aws.cloudfront.total_error_rate (gauge) | The percentage of all requests for which the HTTP status code is 4xx or 5xx. Shown as percent |
| aws.cloudfront.401_error_rate (gauge) | The percentage of all viewer requests for which the response’s HTTP status code is 401 (Additional Metrics must be enabled). Shown as percent |
| aws.cloudfront.403_error_rate (gauge) | The percentage of all viewer requests for which the response’s HTTP status code is 403 (Additional Metrics must be enabled). Shown as percent |
| aws.cloudfront.404_error_rate (gauge) | The percentage of all viewer requests for which the response’s HTTP status code is 404 (Additional Metrics must be enabled). Shown as percent |
| aws.cloudfront.502_error_rate (gauge) | The percentage of all viewer requests for which the response’s HTTP status code is 502 (Additional Metrics must be enabled). Shown as percent |
| aws.cloudfront.503_error_rate (gauge) | The percentage of all viewer requests for which the response’s HTTP status code is 503 (Additional Metrics must be enabled). Shown as percent |
| aws.cloudfront.504_error_rate (gauge) | The percentage of all viewer requests for which the response’s HTTP status code is 504 (Additional Metrics must be enabled). Shown as percent |
| aws.cloudfront.origin_latency (gauge) | The total time spent from when CloudFront receives a request to when it starts providing a response to the network (not the viewer) for requests that are served from the origin (not the CloudFront cache). This is also known as first byte latency or time-to-first-byte (Additional Metrics must be enabled). Shown as millisecond |
| aws.cloudfront.cache_hit_rate (gauge) | The percentage of all cacheable requests for which CloudFront served the content from its cache. HTTP POST and PUT requests (and errors) are not considered cacheable requests (Additional Metrics must be enabled). Shown as percent |
| aws.cloudfront.function_invocations (count) | The number of times the function was started in a given time period. Shown as invocation |
| aws.cloudfront.function_validation_errors (gauge) | The number of validation errors produced by the function in a given time period. Shown as error |
| aws.cloudfront.function_execution_errors (gauge) | The number of execution errors that occurred in a given time period. Shown as error |
| aws.cloudfront.function_execution_time (gauge) | The amount of time that the function took to run as a percentage of the maximum allowed time. Shown as percent |
Each of the metrics retrieved from AWS are assigned the same tags that appear in the AWS console, including but not limited to aws_account, region, and distributionid.
The AWS Cloudfront integration does not include any events.
The AWS Cloudfront integration does not include any service checks.
Need help? Contact Datadog support.