Contact UsGet started

Setting up L7 load balancer logging

Written by
Updated at May 13, 2025

You can send L7 load balancer logs to Yandex Cloud Logging.

Enabling logging

  1. In the management console, select the folder with your load balancer.
  2. Select Application Load Balancer.
  3. Select the load balancer you need from the list, click , and select Edit.
  4. Under Log settings:

    1. Enable Write logs.

    2. Select the Cloud Logging log group where you want to store load balancer logs.

    3. Click Add discard rule and configure its settings:

      • HTTP codes: Add HTTP status codes.
      • HTTP code classes: Add HTTP status code classes.
      • gRPC codes: Add gRPC codes.
      • Share of discarded logs: Set the log discard rate.

      You can add multiple rules.

  5. Click Save.

If you do not have the Yandex Cloud (CLI) command line interface yet, install and initialize it.

The folder specified when creating the CLI profile is used by default. To change the default folder, use the yc config set folder-id <folder_ID> command. You can specify a different folder using the --folder-name or --folder-id parameter.

  1. See the description of the CLI command for managing load balancer logging:

    yc alb load-balancer logging --help

  2. Enable logging and configure Cloud Logging logging settings:

    yc alb load-balancer logging <load_balancer_name> \
  --enable \
  --log-group-id <log_group_ID> \
  --discard codes=[<HTTP_code>,<HTTP_code_class>,<gRPC_code>],percent=<discarded_log_percentage>

    Where:

    • --enable: Enable logging.

    • --log-group-id: ID of the log group that will store your load balancer logs.

    • --discard: Log discard rule. Rule settings:

      • codes: HTTP codes, HTTP code classes, or gRPC codes.
      • percent: Log discard rate.

      You can add multiple rules.

    Result:

    done (42s)
id: ds76g8b2op3f*********
name: test-load-balancer
...
log_options:
  log_group_id: e23p9bfj2kyr********
  discard_rules:
    - http_codes:
        - "200"
      http_code_intervals:
        - HTTP_2XX
      grpc_codes:
        - OK
      discard_percent: "70"

If you do not have Terraform yet, install it and configure its Yandex Cloud provider.

  1. Add the log_options section to the load balancer description in the configuration file:

    log_options {
  log_group_id = "<log_group_ID>"
  discard_rule {
    http_codes          = ["200"]
    http_code_intervals = ["HTTP_2XX"]
    grpc_codes          = ["GRPC_OK"]
    discard_percent     = 75
  }
}

    Where log_options are the Cloud Logging logging options:

    • log_group_id: ID of the log group that will store your load balancer logs.

    • discard_rule: Log discard rule:

      • http_codes: HTTP codes.
      • http_code_intervals: HTTP code classes.
      • grpc_codes: gRPC codes.
      • discard_percent: Log discard rate.

      You can add multiple rules.

  2. Apply the changes:

    1. In the terminal, change to the folder where you edited the configuration file.

    2. Make sure the configuration file is correct using the command:

      terraform validate

      If the configuration is correct, the following message is returned:

      Success! The configuration is valid.

    3. Run the command:

      terraform plan

      The terminal will display a list of resources with parameters. No changes are made at this step. If the configuration contains errors, Terraform will point them out.

    4. Apply the configuration changes:

      terraform apply

    5. Confirm the changes: type yes in the terminal and press Enter.

This will enable logging for the specified load balancer. You can check the logging status and other load balancer settings in the management console or using this CLI command:

yc alb load-balancer get <load_balancer_name>

To enable logging, use the update REST API method for the LoadBalancer resource or the LoadBalancerService/Update gRPC API call.

Updating logging settings

  1. In the management console, select the folder with your load balancer.
  2. Select Application Load Balancer.
  3. Select the load balancer you need from the list, click , and select Edit.
  4. Under Log settings:

    1. Change the Cloud Logging log group storing your load balancer logs.

    2. Edit log discard rules:

      • HTTP codes: Update HTTP status codes.
      • HTTP code classes: Update HTTP status code classes.
      • gRPC codes: Update gRPC codes.
      • Share of discarded logs: Update the log discard rate.

      To add another rule, click Add discard rule.

  5. Click Save.

If you do not have the Yandex Cloud (CLI) command line interface yet, install and initialize it.

The folder specified when creating the CLI profile is used by default. To change the default folder, use the yc config set folder-id <folder_ID> command. You can specify a different folder using the --folder-name or --folder-id parameter.

  1. See the description of the CLI command for managing load balancer logging:

    yc alb load-balancer logging --help

  2. Update the Cloud Logging logging settings:

    yc alb load-balancer logging <load_balancer_name> \
  --log-group-id <log_group_ID> \
  --discard codes=[<HTTP_code>,<HTTP_code_class>,<gRPC_code>],percent=<discarded_log_percentage>

    Where:

    • --log-group-id: ID of the log group that will store your load balancer logs.

    • --discard: Log discard rule. Rule settings:

      • codes: HTTP codes, HTTP code classes, or gRPC codes.
      • percent: Log discard rate.

      You can add multiple rules.

    Result:

    done (42s)
id: ds76g8b2op3f********
name: test-load-balancer
...
log_options:
  log_group_id: e23p9bfj2kyr********
  discard_rules:
    - http_codes:
        - "200"
      http_code_intervals:
        - HTTP_2XX
      grpc_codes:
        - OK
      discard_percent: "70"

If you do not have Terraform yet, install it and configure its Yandex Cloud provider.

  1. In the configuration file with the load balancer description, update the logging settings in the log_options section:

    log_options {
  log_group_id = "<log_group_ID>"
  discard_rule {
    http_codes          = ["200"]
    http_code_intervals = ["HTTP_2XX"]
    grpc_codes          = ["GRPC_OK"]
    discard_percent     = 75
  }
}

    Where log_options are the Cloud Logging logging options:

    • log_group_id: ID of the log group that will store your load balancer logs.

    • discard_rule: Log discard rule:

      • http_codes: HTTP codes.
      • http_code_intervals: HTTP code classes.
      • grpc_codes: gRPC codes.
      • discard_percent: Log discard rate.

      You can add multiple rules.

  2. Apply the changes:

    1. In the terminal, change to the folder where you edited the configuration file.

    2. Make sure the configuration file is correct using the command:

      terraform validate

      If the configuration is correct, the following message is returned:

      Success! The configuration is valid.

    3. Run the command:

      terraform plan

      The terminal will display a list of resources with parameters. No changes are made at this step. If the configuration contains errors, Terraform will point them out.

    4. Apply the configuration changes:

      terraform apply

    5. Confirm the changes: type yes in the terminal and press Enter.

This will update logging settings for the specified load balancer. You can check the load balancer settings in the management console or using this CLI command:

yc alb load-balancer get <load_balancer_name>

To update logging settings, use the update REST API method for the LoadBalancer resource or the LoadBalancerService/Update gRPC API call.

Disabling logging

  1. In the management console, select the folder with your load balancer.
  2. Select Application Load Balancer.
  3. Select the load balancer you need from the list, click , and select Edit.
  4. Under Log settings, disable Write logs.
  5. Click Save.

If you do not have the Yandex Cloud (CLI) command line interface yet, install and initialize it.

The folder specified when creating the CLI profile is used by default. To change the default folder, use the yc config set folder-id <folder_ID> command. You can specify a different folder using the --folder-name or --folder-id parameter.

  1. See the description of the CLI command for managing load balancer logging:

    yc alb load-balancer logging --help

  2. Disable logging:

    yc alb load-balancer logging <load_balancer_name> --disable

    Where --disable is the logging disable option.

    Result:

    done (42s)
id: ds76g8b2op3f********
name: test-load-balancer
...
log_options:
  disable: true

If you do not have Terraform yet, install it and configure its Yandex Cloud provider.

  1. Delete the log_options section from the configuration file with the load balancer description:

    log_options {
...
}

  2. Apply the changes:

    1. In the terminal, change to the folder where you edited the configuration file.

    2. Make sure the configuration file is correct using the command:

      terraform validate

      If the configuration is correct, the following message is returned:

      Success! The configuration is valid.

    3. Run the command:

      terraform plan

      The terminal will display a list of resources with parameters. No changes are made at this step. If the configuration contains errors, Terraform will point them out.

    4. Apply the configuration changes:

      terraform apply

    5. Confirm the changes: type yes in the terminal and press Enter.

    This will disable logging for the specified load balancer. You can check the logging status and other load balancer settings in the management console or using this CLI command:

    yc alb load-balancer get <load_balancer_name>

To disable logging, use the update REST API method for the LoadBalancer resource or the LoadBalancerService/Update gRPC API call.

Previous
Viewing L7 load balancer logs
Next
Getting log group ID of an L7 load balancer