CloudWatch metrics for your Application Load Balancer
Elastic Load Balancing publishes data points to Amazon CloudWatch for your load balancers and your targets. CloudWatch enables you to retrieve statistics about those data points as an ordered set of time-series data, known as metrics. Think of a metric as a variable to monitor, and the data points as the values of that variable over time. For example, you can monitor the total number of healthy targets for a load balancer over a specified time period. Each data point has an associated time stamp and an optional unit of measurement.
You can use metrics to verify that your system is performing as expected. For example, you can create a CloudWatch alarm to monitor a specified metric and initiate an action (such as sending a notification to an email address) if the metric goes outside what you consider an acceptable range.
Elastic Load Balancing reports metrics to CloudWatch only when requests are flowing through the load balancer. If there are requests flowing through the load balancer, Elastic Load Balancing measures and sends its metrics in 60-second intervals. If there are no requests flowing through the load balancer or no data for a metric, the metric is not reported.
For more information, see the Amazon CloudWatch User Guide.
Contents
Application Load Balancer metrics
The AWS/ApplicationELB namespace includes the following metrics for
load balancers.
| Metric | Description |
|---|---|
ActiveConnectionCount |
The total number of concurrent TCP connections active from clients to the load balancer and from the load balancer to targets. Reporting criteria: There is a nonzero value Statistics: The most useful statistic is
Dimensions
|
AnomalousHostCount |
The number of hosts detected with anomalies. Reporting criteria: Always reported Statistics: The most useful statistics are Dimensions
|
ClientTLSNegotiationErrorCount |
The number of TLS connections initiated by the client that did not establish a session with the load balancer due to a TLS error. Possible causes include a mismatch of ciphers or protocols or the client failing to verify the server certificate and closing the connection. Reporting criteria: There is a nonzero value Statistics: The most useful statistic is
Dimensions
|
ConsumedLCUs |
The number of load balancer capacity units (LCU) used by your
load balancer. You pay for the number of LCUs that you use per
hour. For more information, see Elastic
Load Balancing pricing Reporting criteria: Always reported Statistics: All Dimensions
|
PeakLCUs |
The maximum number of load balancer capacity units (LCU) used by your load balancer at a given point in time. Only applicable when using LCU Reservation. Reporting criteria: Always Statistics: The most useful statistics are
Dimensions
|
ReservedLCUs |
The number of load balancer capacity units (LCUs) reserved for your load balancer using LCU Reservation. Reporting criteria: There is a nonzero value Statistics: All Dimensions
|
DesyncMitigationMode_NonCompliant_Request_Count |
The number of requests that do not comply with RFC 7230. Reporting criteria: There is a nonzero value Statistics: The most useful statistic is
Dimensions
|
DroppedInvalidHeaderRequestCount |
The number of requests where the load balancer removed HTTP
headers with header fields that are not valid before routing the
request. The load balancer removes these headers only if the
Reporting criteria: There is a nonzero value Statistics: All Dimensions
|
MitigatedHostCount |
The number of targets under mitigation. Reporting criteria: Always reported Statistics: The most useful statistics are Dimensions
|
ForwardedInvalidHeaderRequestCount |
The number of requests routed by the load balancer that had
HTTP headers with header fields that are not valid. The load
balancer forwards requests with these headers only if the
Reporting criteria: Always reported Statistics: All Dimensions
|
GrpcRequestCount |
The number of gRPC requests processed over IPv4 and IPv6. Reporting criteria: There is a nonzero value Statistics: The most useful statistic is
Dimensions
|
HTTP_Fixed_Response_Count |
The number of fixed-response actions that were successful. Reporting criteria: There is a nonzero value Statistics: The only meaningful statistic
is Dimensions
|
HTTP_Redirect_Count |
The number of redirect actions that were successful. Reporting criteria: There is a nonzero value Statistics: The only meaningful statistic
is Dimensions
|
HTTP_Redirect_Url_Limit_Exceeded_Count |
The number of redirect actions that couldn't be completed because the URL in the response location header is larger than 8K. Reporting criteria: There is a nonzero value Statistics: The only meaningful statistic
is Dimensions
|
HTTPCode_ELB_3XX_Count |
The number of HTTP 3XX redirection codes that originate from the load balancer. This count does not include response codes generated by targets. Reporting criteria: There is a nonzero value Statistics: The only meaningful statistic
is Dimensions
|
HTTPCode_ELB_4XX_Count |
The number of HTTP 4XX client error codes that originate from the load balancer. This count does not include response codes generated by targets. Client errors are generated when requests are malformed or incomplete. These requests were not received by the target, other than in the case where the load balancer returns an HTTP 460 error code. This count does not include any response codes generated by the targets. Reporting criteria: There is a nonzero value Statistics: The most useful statistic is
Dimensions
|
HTTPCode_ELB_5XX_Count |
The number of HTTP 5XX server error codes that originate from the load balancer. This count does not include any response codes generated by the targets. Reporting criteria: There is a nonzero value Statistics: The most useful statistic is
Dimensions
|
HTTPCode_ELB_500_Count |
The number of HTTP 500 error codes that originate from the load balancer. Reporting criteria: There is a nonzero value Statistics: The only meaningful statistic
is Dimensions
|
HTTPCode_ELB_502_Count |
The number of HTTP 502 error codes that originate from the load balancer. Reporting criteria: There is a nonzero value Statistics: The only meaningful statistic
is Dimensions
|
HTTPCode_ELB_503_Count |
The number of HTTP 503 error codes that originate from the load balancer. Reporting criteria: There is a nonzero value Statistics: The only meaningful statistic
is Dimensions
|
HTTPCode_ELB_504_Count |
The number of HTTP 504 error codes that originate from the load balancer. Reporting criteria: There is a nonzero value Statistics: The only meaningful statistic
is Dimensions
|
IPv6ProcessedBytes |
The total number of bytes processed by the load balancer over
IPv6. This count is included in
Reporting criteria: There is a nonzero value Statistics: The most useful statistic is
Dimensions
|
IPv6RequestCount |
The number of IPv6 requests received by the load balancer. Reporting criteria: There is a nonzero value Statistics: The most useful statistic is
Dimensions
|
NewConnectionCount |
The total number of new TCP connections established from clients to the load balancer and from the load balancer to targets. Reporting criteria: There is a nonzero value Statistics: The most useful statistic is
Dimensions
|
NonStickyRequestCount |
The number of requests where the load balancer chose a new target because it couldn't use an existing sticky session. For example, the request was the first request from a new client and no stickiness cookie was presented, a stickiness cookie was presented but it did not specify a target that was registered with this target group, the stickiness cookie was malformed or expired, or an internal error prevented the load balancer from reading the stickiness cookie. Reporting criteria: Stickiness is enabled on the target group. Statistics: The only meaningful statistic
is Dimensions
|
ProcessedBytes |
The total number of bytes processed by the load balancer over IPv4 and IPv6 (HTTP header and HTTP payload). This count includes traffic to and from clients and Lambda functions, and traffic from an Identity Provider (IdP) if user authentication is enabled. Reporting criteria: There is a nonzero value Statistics: The most useful statistic is
Dimensions
|
RejectedConnectionCount |
The number of connections that were rejected because the load balancer had reached its maximum number of connections. Reporting criteria: There is a nonzero value Statistics: The most useful statistic is
Dimensions
|
RequestCount |
The number of requests processed over IPv4 and IPv6. This metric is only incremented for requests where the load balancer node was able to choose a target. Requests that are rejected before a target is chosen are not reflected in this metric. Reporting criteria: Always reported Statistics: The most useful statistic is
Dimensions
|
RuleEvaluations |
The number of rules evaluated by the load balancer while processing requests. The default rule is not counted. The 10 free rule evaluations per request are included in this count. Reporting criteria: There is a nonzero value Statistics: The most useful statistic is
Dimensions
|
ZonalShiftedHostCount |
The number of targets that are considered disabled due to zonal shift. Reporting criteria: Reported when there is a value Statistics: The most useful statistic is
Dimensions
|
The AWS/ApplicationELB namespace includes the following metrics for
targets.
| Metric | Description |
|---|---|
HealthyHostCount |
The number of targets that are considered healthy. Reporting criteria: Reported if there are registered targets. Statistics: The most useful statistics
are Dimensions
|
HTTPCode_Target_2XX_Count,
HTTPCode_Target_3XX_Count,
HTTPCode_Target_4XX_Count,
HTTPCode_Target_5XX_Count |
The number of HTTP response codes generated by the targets. This does not include any response codes generated by the load balancer. Reporting criteria: Reported if there are registered targets. Statistics: The most useful statistic is
Dimensions
|
RequestCountPerTarget |
The average request count per target, in a target group.
You must specify the target group using the This count uses the total number of requests received by the target group, divided by the number of healthy targets in the target group. If there are no healthy targets in the target group, it is divided by the total number of registered targets. Reporting criteria: Always reported Statistics: The only valid statistic is
Dimensions
|
TargetConnectionErrorCount |
The number of connections that were not successfully established between the load balancer and target. This metric does not apply if the target is a Lambda function. This metric is not incremented for unsuccessful health check connections. Reporting criteria: There is a nonzero value Statistics: The most useful statistic is
Dimensions
|
TargetResponseTime |
The time elapsed, in seconds, after the request leaves the
load balancer until the target starts to send the response
headers. This is equivalent to the Reporting criteria: There is a nonzero value Statistics: The most useful statistics
are Dimensions
|
TargetTLSNegotiationErrorCount |
The number of TLS connections initiated by the load balancer that did not establish a session with the target. Possible causes include a mismatch of ciphers or protocols. This metric does not apply if the target is a Lambda function. Reporting criteria: There is a nonzero value Statistics: The most useful statistic is
Dimensions
|
UnHealthyHostCount |
The number of targets that are considered unhealthy. Reporting criteria: Reported if there are registered targets. Statistics: The most useful statistics
are Dimensions
|
The AWS/ApplicationELB namespace includes the following metrics for
target group health. For more information, see Target group health.
| Metric | Description |
|---|---|
HealthyStateDNS |
The number of zones that meet the DNS healthy state requirements. Statistics: The most useful statistic is Dimensions
|
HealthyStateRouting |
The number of zones that meet the routing healthy state requirements. Statistics: The most useful statistic is Dimensions
|
UnhealthyRoutingRequestCount |
The number of requests that are routed using the routing failover action (fail open). Statistics: The most useful statistic is Dimensions
|
UnhealthyStateDNS |
The number of zones that do not meet the DNS healthy state requirements and therefore were marked unhealthy in DNS. Statistics: The most useful statistic is Dimensions
|
UnhealthyStateRouting |
The number of zones that do not meet the routing healthy state requirements, and therefore the load balancer distributes traffic to all targets in the zone, including the unhealthy targets. Statistics: The most useful statistic is Dimensions
|
The AWS/ApplicationELB namespace includes the following metrics for
Lambda functions that are registered as targets.
| Metric | Description |
|---|---|
LambdaInternalError |
The number of requests to a Lambda function that failed because of an issue internal to the load balancer or AWS Lambda. To get the error reason codes, check the error_reason field of the access log. Reporting criteria: There is a nonzero value Statistics: The only meaningful statistic
is Dimensions
|
LambdaTargetProcessedBytes |
The total number of bytes processed by the load balancer for requests to and responses from a Lambda function. Reporting criteria: There is a nonzero value Statistics: The only meaningful statistic
is Dimensions
|
LambdaUserError |
The number of requests to a Lambda function that failed because of an issue with the Lambda function. For example, the load balancer did not have permission to invoke the function, the load balancer received JSON from the function that is malformed or missing required fields, or the size of the request body or response exceeded the maximum size of 1 MB. To get the error reason codes, check the error_reason field of the access log. Reporting criteria: There is a nonzero value Statistics: The only meaningful statistic
is Dimensions
|
The AWS/ApplicationELB namespace includes the following metrics for
user authentication.
| Metric | Description |
|---|---|
ELBAuthError |
The number of user authentications that could not be completed because an authenticate action was misconfigured, the load balancer couldn't establish a connection with the IdP, or the load balancer couldn't complete the authentication flow due to an internal error. To get the error reason codes, check the error_reason field of the access log. Reporting criteria: There is a nonzero value Statistics: The only meaningful statistic
is Dimensions
|
ELBAuthFailure |
The number of user authentications that could not be completed because the IdP denied access to the user or an authorization code was used more than once. To get the error reason codes, check the error_reason field of the access log. Reporting criteria: There is a nonzero value Statistics: The only meaningful statistic
is Dimensions
|
ELBAuthLatency |
The time elapsed, in milliseconds, to query the IdP for the ID token and user info. If one or more of these operations fail, this is the time to failure. Reporting criteria: There is a nonzero value Statistics: All statistics are meaningful. Dimensions
|
ELBAuthRefreshTokenSuccess |
The number of times the load balancer successfully refreshed user claims using a refresh token provided by the IdP. Reporting criteria: There is a nonzero value Statistics: The only meaningful statistic
is Dimensions
|
ELBAuthSuccess |
The number of authenticate actions that were successful. This metric is incremented at the end of the authentication workflow, after the load balancer has retrieved the user claims from the IdP. Reporting criteria: There is a nonzero value Statistics: The most useful statistic is
Dimensions
|
ELBAuthUserClaimsSizeExceeded |
The number of times that a configured IdP returned user claims that exceeded 11K bytes in size. Reporting criteria: There is a nonzero value Statistics: The only meaningful statistic
is Dimensions
|
Metric dimensions for Application Load Balancers
To filter the metrics for your Application Load Balancer, use the following dimensions.
| Dimension | Description |
|---|---|
AvailabilityZone |
Filters the metric data by Availability Zone. |
LoadBalancer |
Filters the metric data by load balancer. Specify the load balancer as follows: app/load-balancer-name/1234567890123456 (the final portion of the load balancer ARN). |
TargetGroup |
Filters the metric data by target group. Specify the target group as follows: targetgroup/target-group-name/1234567890123456 (the final portion of the target group ARN). |
Statistics for Application Load Balancer metrics
CloudWatch provides statistics based on the metric data points published by Elastic Load Balancing. Statistics are metric data aggregations over specified period of time. When you request statistics, the returned data stream is identified by the metric name and dimension. A dimension is a name-value pair that uniquely identifies a metric. For example, you can request statistics for all the healthy EC2 instances behind a load balancer launched in a specific Availability Zone.
The Minimum and Maximum statistics reflect the minimum
and maximum values of the data points reported by the individual load balancer nodes
in each sampling window. For example, suppose there are 2 load balancer nodes that
make up the Application Load Balancer. One node has HealthyHostCount
with a Minimum of 2, a Maximum of 10, and an Average
of 6, while the other node has HealthyHostCount with a Minimum
of 1, a Maximum of 5, and an Average of 3. Therefore, the load
balancer has a Minimum of 1, a Maximum of 10, and an Average
of about 4.
We recommend you monitor for non-zero UnHealthyHostCount in the
Minimum statistic, and alarm on non-zero value for more than one
data point. Using the Minimum will detect when targets are considered
unhealthy by every node and Availability Zone of your load balancer. Alarming on
Average or Maximum is useful if you want to be alerted
to potential problems, and we recommend customers review this metric and investigate
non-zero occurrences. Mitigating failures automatically can be done following best
practices of using load balancer health check in Amazon EC2 Auto Scaling, or Amazon Elastic Container Service (Amazon ECS).
The Sum statistic is the aggregate value across all load balancer
nodes. Because metrics include multiple reports per period, Sum is only
applicable to metrics that are aggregated across all load balancer nodes.
The SampleCount statistic is the number of samples measured. Because
metrics are gathered based on sampling intervals and events, this statistic is
typically not useful. For example, with HealthyHostCount,
SampleCount is based on the number of samples that each load
balancer node reports, not the number of healthy hosts.
A percentile indicates the relative standing of a value in a data set. You can specify any percentile, using up to two decimal places (for example, p95.45). For example, the 95th percentile means that 95 percent of the data is below this value and 5 percent is above. Percentiles are often used to isolate anomalies. For example, suppose that an application serves the majority of requests from a cache in 1-2 ms, but in 100-200 ms if the cache is empty. The maximum reflects the slowest case, around 200 ms. The average doesn't indicate the distribution of the data. Percentiles provide a more meaningful view of the application's performance. By using the 99th percentile as an Auto Scaling trigger or a CloudWatch alarm, you can target that no more than 1 percent of requests take longer than 2 ms to process.
View CloudWatch metrics for your load balancer
You can view the CloudWatch metrics for your load balancers using the Amazon EC2 console. These metrics are displayed as monitoring graphs. The monitoring graphs show data points if the load balancer is active and receiving requests.
Alternatively, you can view metrics for your load balancer using the CloudWatch console.
To view metrics using the console
Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/
. -
To view metrics filtered by target group, do the following:
-
In the navigation pane, choose Target Groups.
-
Select your target group, and then choose the Monitoring tab.
-
(Optional) To filter the results by time, select a time range from Showing data for.
-
To get a larger view of a single metric, select its graph.
-
-
To view metrics filtered by load balancer, do the following:
-
In the navigation pane, choose Load Balancers.
-
Select your load balancer, and then choose the Monitoring tab.
-
(Optional) To filter the results by time, select a time range from Showing data for.
-
To get a larger view of a single metric, select its graph.
-
To view metrics using the CloudWatch console
Open the CloudWatch console at https://console.aws.amazon.com/cloudwatch/
. -
In the navigation pane, choose Metrics.
-
Select the ApplicationELB namespace.
-
(Optional) To view a metric across all dimensions, enter its name in the search field.
-
(Optional) To filter by dimension, select one of the following:
-
To display only the metrics reported for your load balancers, choose Per AppELB Metrics. To view the metrics for a single load balancer, enter its name in the search field.
-
To display only the metrics reported for your target groups, choose Per AppELB, per TG Metrics. To view the metrics for a single target group, enter its name in the search field.
-
To display only the metrics reported for your load balancers by Availability Zone, choose Per AppELB, per AZ Metrics. To view the metrics for a single load balancer, enter its name in the search field. To view the metrics for a single Availability Zone, enter its name in the search field.
-
To display only the metrics reported for your load balancers by Availability Zone and target group, choose Per AppELB, per AZ, per TG Metrics. To view the metrics for a single load balancer, enter its name in the search field. To view the metrics for a single target group, enter its name in the search field. To view the metrics for a single Availability Zone, enter its name in the search field.
-
To view metrics using the AWS CLI
Use the following list-metrics command to list the available metrics:
aws cloudwatch list-metrics --namespace AWS/ApplicationELB
To get the statistics for a metric using the AWS CLI
Use the following get-metric-statistics command get statistics for the specified metric and dimension. CloudWatch treats each unique combination of dimensions as a separate metric. You can't retrieve statistics using combinations of dimensions that were not specially published. You must specify the same dimensions that were used when the metrics were created.
aws cloudwatch get-metric-statistics --namespace AWS/ApplicationELB \ --metric-name UnHealthyHostCount --statistics Average --period 3600 \ --dimensions Name=LoadBalancer,Value=app/my-load-balancer/50dc6c495c0c9188 \ Name=TargetGroup,Value=targetgroup/my-targets/73e2d6bc24d8a067 \ --start-time 2016-04-18T00:00:00Z --end-time 2016-04-21T00:00:00Z
The following is example output:
{
"Datapoints": [
{
"Timestamp": "2016-04-18T22:00:00Z",
"Average": 0.0,
"Unit": "Count"
},
{
"Timestamp": "2016-04-18T04:00:00Z",
"Average": 0.0,
"Unit": "Count"
},
...
],
"Label": "UnHealthyHostCount"
}