Sign in Subscribe
Concepts

The logs tell the truth, but only if you capture them before they vanish.

Andrios Robert

1 min read

When working with an external load balancer that fronts a proxy, access logs are the lifeline for debugging, audit compliance, and performance tuning. Missing or incomplete logs make blind troubleshooting inevitable. Correct configuration ensures every HTTP request, every client IP, and every status code flows into your log pipeline, intact and in order.

An external load balancer, whether cloud-managed or self-hosted, often terminates TLS and forwards traffic to upstream proxies. By default, logs collected here may lose details about the original client connection. Enabling and structuring logs at the load balancer layer catches connection metadata, request timestamps, and edge-level metrics. On the proxy layer, access logs record application-level events, such as paths, methods, and backend responses. Combining both streams yields full visibility.

To log access through a proxy behind an external load balancer:

  1. Enable detailed request logging on the load balancer. Use fields for client IP, protocol, response time, and upstream address.
  2. Configure X-Forwarded-For or X-Real-IP headers to preserve the originating IP across hops.
  3. On the proxy (Nginx, Envoy, HAProxy), align log format to capture these forwarded headers, the target service, and status codes.
  4. Centralize both layers’ logs in your aggregation system (ELK, Loki, or cloud logging). Index by request ID for correlation.
  5. Monitor for dropped or malformed entries. Adjust buffer sizes and flush intervals to match traffic volume.

Security and compliance often mandate retaining logs for a defined period. Consider timestamp precision, rotation policies, and encryption at rest. Filter sensitive fields, but never remove identifiers necessary for tracing operational incidents. Analyze patterns in real time to detect spikes, latency shifts, or unexpected client behavior.

Logs from the external load balancer and the proxy together give you the truth from edge to origin. Without this pairing, gaps appear, attackers slip past unnoticed, and performance audits fail.

Set up complete logs for your proxy and external load balancer now. See it live in minutes at hoop.dev.