Understanding Usage Logs

What are usage logs?

Usage logs capture detailed metrics about individual service instance operations. Each log entry records the full context of a request processed by a specific service instance, enabling deep visibility into how your deployments behave under operational conditions.

What usage logs contain

Each usage log entry records:

Request details: The HTTP method, path, headers, query parameters, and how the request was authenticated
Response details: The status code, response headers, and response body content
Timing: When the operation occurred
Service context: Which service and instance processed the request
Metadata: Request ID, version, region, and operational scope

This comprehensive capture enables troubleshooting at the request level, understanding operational patterns, and auditing specific interactions with your services.

Availability

Trail logs are ingested in near real time but may take up to 5 minutes to appear after an operation completes. Treat brief gaps as ingestion delay rather than missing data.

Instance scope

Usage logs are tied to specific service instances. This means:

Per-instance visibility: Each instance records its own operational activity independently
Instance-specific behavior: You understand how individual deployments behave
Instance troubleshooting: You can investigate instance-specific issues
Per-instance monitoring: Monitor individual deployments separately

This instance-scoped design allows you to correlate usage patterns with specific configurations, deployments, or operational conditions within that instance.

Common queries

Usage logs are designed for queries like:

“What requests did my authorizer instance process in the past 24 hours?”
“Which requests to my verifier instance returned error responses?”
“How did the authentication method distribution change for this instance?”
“What was the response time pattern for requests to this instance?”

Instances: Service instances that generate usage logs
Trail Logs: System-wide audit logs