Dr. Eduardo Rocha, Senior Solutions Engineer & Security Analyst @ GlobalDots
image 5 Min read

If you’re operating at scale, you’re probably already making use of a CDN. They’ve become ubiquitous amongst any company trying to handle large volumes of website traffic.

It’s surprising then, that so many organizations rely heavily on their CDN, but they don’t take advantage of the wealth of observability data that a CDN offers. Our experience shows that adequate analysis & visualization of CDN logs can reduce 90% of your MTTR in various performance & security issues. Let’s look at some of the benefits from analysing your CDN logs, and why you might not be able to take advantage of these actionable insights. 

Detect attacks at the edge of your system

When an attacker port scans your system or begins to analyse headers in the HTTP response from your site, they’re going to have to go through your CDN first. This means that before they are making it anywhere near your servers, they first have to traverse the complex web of edge caching that a CDN establishes for you. This behaves like perimeter security. 

Obviously, CDNs aren’t effective at keeping out a determined attacker, but they ensure that all traffic that passes to your site is captured and monitored. This is a characteristic of a layered security model. While all of this is going on, your CDN is producing log data about every interaction with your site, and in that information, you can find the potential attack vectors that an attacker is utilising. With millions of DDOS attacks conducted every year, your CDN may well become your first line of defence, and your CDN logs will tell you how well that defence is performing.

Understand your busiest times

Your CDN takes much of the load away from your servers, meaning the traffic reporting that comes from your servers is only a fraction of the true traffic your site is seeing. This means that the insights that come from your server logs may be missing a large part of the picture.

Organizations that understand when their busiest times are, are able to make sensible scaling decisions ahead of time. They can focus on performance where they need it most, and prevent over-engineering where it isn’t required. Your CDN logs contain all the information you need, but analysing it may be complex. More on this later.

Real time detection of sudden traffic spikes

One issue with traditional systems and how they monitor traffic is that they’re very easily bottlenecked. Most modern sites that are deployed into the cloud have autoscaling strategies, but scaling takes time and often doesn’t happen instantly. During this “warm up” time, you’re losing requests. This means that when you measure a spike in HTTP traffic, you’re not measuring the true number of requests that hit your site. You’re measuring the requests that you managed to process.

A CDN is not only much more scalable than a typical application or website, but it also is designed to scale much faster and scale down slower. As such, in most situations, the CDN has adequate resources to process your spike without any autoscaling event. This means you get a true view of the kind of demand your website is facing, and act with the best possible information.

Your access logs contain key information, like latencies, requested resources and error codes, to let you know the nature of this sudden spike in traffic and how to respond appropriately. If you can couple this with a real-time streaming and processing solution, you’ve potentially got access to a river of powerful observability data.

Understand your customer behaviour, in detail

As above, CDNs can handle large volumes of traffic. This means that their logs are the closest to the true measurement that you can get for your site traffic. More than this, even under heavy load, a CDN will keep serving and tracking user experience across multiple sites and resources. It doesn’t suffer from the dramatic decreases in performance that a typical application in the cloud experiences, meaning your HTTP response speed remains consistent.

Consistent performance of a website has a known correlation with conversion rates and other key metrics. In order to understand this correlation, you need logs that are the truest possible indication of the user experience. Your CDN will perform consistently under even the most intense load, meaning your CDN access logs are consistent, reliable and structured. You can ingest and analyse logs, breaking them down into alertable metrics and KPIs, in a myriad of different ways, to develop a detailed understanding of customer behaviour. Most CDNs don’t support this, but keep reading to find out how.

Your site can be accessed from anywhere in the world, and sometimes it can be difficult to track where in the world your site is popular. This information is essential. For example, if you find that some of your most important customers are based in France, you may decide that a French translation of your site may help to boost popularity and sales.

Your CDN logs often contain more than just metadata about what was served to the customer. It also contains information about where it was served from, in the form of a server host IP address. With a sophisticated observability system, your logs can be ingested, decorated with geolocation information and analysed, so you can see which regions your website is proving the most popular.

Good CDN monitoring is really complex. 

CDNs have all of this information, but they make it difficult to extract and analyse, because they are not observability platforms. 

Moreover, they don’t have any of the log storage cost optimization that a sophisticated observability platform will bring, meaning that if you wish to keep the huge volume of logs that your CDN will generate, you’re looking at an expensive problem to solve. 

And if you are fortunate enough to have a CDN provider that has some built-in monitoring, this monitoring usually comes with a significant delay, as the log and metrics data is processed and ingested. This delay directly translates into money lost, when every second could potentially cost thousands. Real-time problems need real-time monitoring.

Ultimately, if you settle for the basic functionality that a CDN can provide, you’ll only ever get a fraction of the benefit you could get. The potential insights, from operations to marketing, that come from a properly configured, managed and monitored CDN solution, are astounding. 

Contact GlobalDots for commitment-free consulting & implementation of your ultimate CDN observability solution.

Read More

Inform every aspect of your product & business with CDN Monitoring
Monitoring, Logging & Observability
Snir Ambar, Head of AI & Innovation @ GlobalDots 22.09.22

Extract actionable real-time insights, optimize performance and identify issues before they become problems – by unlocking the hidden value of CDN logs! Get 14 days free access to all features right now.

Watch more
The Benefits of better CDN Monitoring
Monitoring, Logging & Observability
Admin Globaldots 13.09.22

CDNs are no longer a luxury but a necessity. And so is their monitoring to secure, scale, and improve your product.

Read more
3 Industries that can benefit from better CDN monitoring
Content Delivery Network (CDN) Monitoring, Logging & Observability
Miguel Fersen, Senior Cloud Consultant @ GlobalDots 23.08.22

In 2022, global CDN usage is expected to reach over 250 exabytes per month. With more and more industries reaping the benefits of CDNs, CDN monitoring is going to become a valuable new source of information for anyone looking to understand their operational challenges or how their customers interact with their product. Industries all over […]

Read more
Unlock Your Cloud Potential
Schedule a call with our experts. Discover new technology and get recommendations to improve your performance.
Book a Demo