Access Logs | Notion

Purpose: CloudFront access logs capture every request made to your origin through CloudFront, logging details into a designated S3 bucket.
Operation: Users access your site via a CloudFront URL. Each edge location sends its log files to a central S3 bucket specified for logging.
Bucket Types: There are two distinct S3 bucket types involved:
- Origin Bucket: Linked to CloudFront for content hosting.
- Logs Bucket: Receives log files for access analysis.

Enable Logging: Through the CloudFront distribution's settings, you can turn on standard logging, specifying an S3 bucket for the logs.
Log Prefix: Optionally, add a prefix to organize logs within the S3 bucket, especially useful if managing logs from multiple distributions.

Analyzing Access Logs

Content: Logs include detailed request information, such as date, time, request type, status codes, and more.
Tools for Analysis: AWS Athena can be used to analyze the log files for insights into access patterns and issues.

Reports Generated from Access Logs: CloudFront offers several reports without needing access logs to be enabled in S3, including Cache Statistics, Popular Objects, Top Referrers, Usage, and Viewers Reports.
Cache Performance: Insights into cache hits and misses, indicating the efficiency of content delivery.
Data Transfer and HTTP Status Codes: Analysis of bytes transferred, cache performance, and encountered HTTP status codes.
Viewer Insights: Information on referrers, viewer devices, browsers, operating systems, and geographic locations accessing the distribution.

Error Caching: CloudFront caches HTTP 400 and 500 series errors from S3 or the origin server, with specific codes indicating access issues or non-existent objects.
Monitoring Tools: CloudFront integrates with AWS monitoring tools to track requests, data transfers, error rates, origin latency, and cache error rates over time.

Logs and Analytics Integration: CloudFront's logging and reporting capabilities provide comprehensive insights into distribution performance and viewer behavior.