If you’re operating at scale, you’re probably already making use of a CDN. They’ve become ubiquitous amongst any company trying to handle large volumes of website traffic.
It’s surprising then, that so many organizations rely heavily on their CDN, but they don’t take advantage of the wealth of observability data that a CDN offers. Our experience shows that adequate analysis & visualization of CDN logs can reduce 90% of your MTTR in various performance & security issues. Let’s look at some of the benefits from analysing your CDN logs, and why you might not be able to take advantage of these actionable insights.
Detect attacks at the edge of your system
When an attacker port scans your system or begins to analyse headers in the HTTP response from your site, they’re going to have to go through your CDN first. This means that before they are making it anywhere near your servers, they first have to traverse the complex web of edge caching that a CDN establishes for you. This behaves like perimeter security.
Obviously, CDNs aren’t effective at keeping out a determined attacker, but they ensure that all traffic that passes to your site is captured and monitored. This is a characteristic of a layered security model. While all of this is going on, your CDN is producing log data about every interaction with your site, and in that information, you can find the potential attack vectors that an attacker is utilising. With millions of DDOS attacks conducted every year, your CDN may well become your first line of defence, and your CDN logs will tell you how well that defence is performing.
Understand your busiest times
Your CDN takes much of the load away from your servers, meaning the traffic reporting that comes from your servers is only a fraction of the true traffic your site is seeing. This means that the insights that come from your server logs may be missing a large part of the picture.
Organizations that understand when their busiest times are, are able to make sensible scaling decisions ahead of time. They can focus on performance where they need it most, and prevent over-engineering where it isn’t required. Your CDN logs contain all the information you need, but analysing it may be complex. More on this later.
Real time detection of sudden traffic spikes
One issue with traditional systems and how they monitor traffic is that they’re very easily bottlenecked. Most modern sites that are deployed into the cloud have autoscaling strategies, but scaling takes time and often doesn’t happen instantly. During this “warm up” time, you’re losing requests. This means that when you measure a spike in HTTP traffic, you’re not measuring the true number of requests that hit your site. You’re measuring the requests that you managed to process.
A CDN is not only much more scalable than a typical application or website, but it also is designed to scale much faster and scale down slower. As such, in most situations, the CDN has adequate resources to process your spike without any autoscaling event. This means you get a true view of the kind of demand your website is facing, and act with the best possible information.
Your access logs contain key information, like latencies, requested resources and error codes, to let you know the nature of this sudden spike in traffic and how to respond appropriately. If you can couple this with a real-time streaming and processing solution, you’ve potentially got access to a river of powerful observability data.
Understand your customer behaviour, in detail
As above, CDNs can handle large volumes of traffic. This means that their logs are the closest to the true measurement that you can get for your site traffic. More than this, even under heavy load, a CDN will keep serving and tracking user experience across multiple sites and resources. It doesn’t suffer from the dramatic decreases in performance that a typical application in the cloud experiences, meaning your HTTP response speed remains consistent.
Consistent performance of a website has a known correlation with conversion rates and other key metrics. In order to understand this correlation, you need logs that are the truest possible indication of the user experience. Your CDN will perform consistently under even the most intense load, meaning your CDN access logs are consistent, reliable and structured. You can ingest and analyse logs, breaking them down into alertable metrics and KPIs, in a myriad of different ways, to develop a detailed understanding of customer behaviour. Most CDNs don’t support this, but keep reading to find out how.
Understand the regions where you’re popular
Your site can be accessed from anywhere in the world, and sometimes it can be difficult to track where in the world your site is popular. This information is essential. For example, if you find that some of your most important customers are based in France, you may decide that a French translation of your site may help to boost popularity and sales.
Your CDN logs often contain more than just metadata about what was served to the customer. It also contains information about where it was served from, in the form of a server host IP address. With a sophisticated observability system, your logs can be ingested, decorated with geolocation information and analysed, so you can see which regions your website is proving the most popular.
Good CDN monitoring is really complex.
CDNs have all of this information, but they make it difficult to extract and analyse, because they are not observability platforms.
Moreover, they don’t have any of the log storage cost optimization that a sophisticated observability platform will bring, meaning that if you wish to keep the huge volume of logs that your CDN will generate, you’re looking at an expensive problem to solve.
And if you are fortunate enough to have a CDN provider that has some built-in monitoring, this monitoring usually comes with a significant delay, as the log and metrics data is processed and ingested. This delay directly translates into money lost, when every second could potentially cost thousands. Real-time problems need real-time monitoring.
Ultimately, if you settle for the basic functionality that a CDN can provide, you’ll only ever get a fraction of the benefit you could get. The potential insights, from operations to marketing, that come from a properly configured, managed and monitored CDN solution, are astounding.
Contact GlobalDots for commitment-free consulting & implementation of your ultimate CDN observability solution.