AWS ALB/NLB monitoring integration

Access to this feature depends on your subscription level. Requires Infrastructure Pro.

Amazon Application Load Balancing (ALB) distributes incoming application traffic across multiple targets, such as EC2 instances, in multiple availability zones. Amazon Network Load Balancer (NLB) distributes incoming traffic across multiple targets, such as Amazon EC2 instances.

New Relic Infrastructure integrations include an integration for reporting your AWS ALB/NLB data to New Relic products. This document explains how to activate this integration and describes the data that can be captured.

New Relic also offers an integration for Amazon's Elastic Load Balancing (ELB) service.

Activate integration

To enable this integration, follow standard procedures to connect AWS services to Infrastructure.

Configuration and polling

You can change the polling frequency and filter data using configuration options.

Default polling information for the AWS ALB/NLB integration:

  • New Relic polling interval: 5 minutes
  • Amazon CloudWatch data interval: 1 minute

View and use data

To view and use your integration data in Infrastructure, go to infrastructure.newrelic.com > Integrations > Amazon Web Services and select one of the AWS ALB integration links.

In New Relic Insights, data is attached to the LoadBalancerSample event type within four categories of data:

  • ALB: Appears in Insights with provider value Alb.
  • NLB: Appears in Insights with provider value Nlb.
  • ALB target group: Appears in Insights with provider value AlbTargetGroup.
  • NLB target group: Appears in Insights with provider valueNlbTargetGroup.

Metric data

There are two ALB integration categories of data: ALB and ALB target group.

ALB metrics

New Relic Infrastructure Amazon integrations collect the following Amazon ALB data to the provider Alb.

Metric Description

activeConnectionCount

The total number of concurrent TCP connections active from clients to the load balancer and from the load balancer to targets.

newConnectionCount

The total number of new TCP connections established from clients to the load balancer and from the load balancer to targets.

rejectedConnectionCount

The number of connections that were rejected because the load balancer had reached its maximum number of connections.

processedBytes

The total number of bytes processed by the load balancer over IPv4 and IPv6.

requestCount

The number of requests received by the load balancer. This includes requests over IPv4 and IPv6.

rulesEvaluated

The number of rules processed by the load balancer given a request rate averaged over an hour.

clientTlsNegotiationErrorCount

The number of TLS connections initiated by the client that did not establish a session with the load balancer. Possible causes include a mismatch of ciphers or protocols.

httpCodeElb5XXCount

The number of HTTP 5XX server error codes that originate from the load balancer. This count does not include any response codes generated by the targets.

httpCodeElb4XXCount

The number of HTTP 4XX client error codes that originate from the load balancer. Client errors are generated when requests are malformed or incomplete. These requests have not been received by the target.

IpV6ProcessedBytes

The total number of bytes processed by the load balancer over IPv6.

IpV6RequestCount

The number of IPv6 requests received by the load balancer.

ALB target group metrics

Target group data is stored in Insights in the provider AlbTargetGroup. For example, you can use this data to facet error metrics by target group.

Metric Description
requestCount The number of requests received by the load balancer. This includes requests over IPv4 and IPv6.
healthyHostCount The number of targets that are considered healthy.
unHealthyHostCount The number of targets that are considered unhealthy.
targetResponseTime The time elapsed, in seconds, after the request leaves the load balancer until a response from the target is received.
httpCodeTarget2XXCount The number of HTTP 2XX response codes generated by the targets. This does not include any response codes generated by the load balancer.
httpCodeTarget3XXCount The number of HTTP 3XX response codes generated by the targets. This does not include any response codes generated by the load balancer.
httpCodeTarget4XXCount The number of HTTP 4XX response codes generated by the targets. This does not include any response codes generated by the load balancer.
httpCodeTarget5XXCount The number of HTTP 5XX response codes generated by the targets. This does not include any response codes generated by the load balancer.

There are two NLB integration categories of data: NLB and NLB target group.

NLB metrics

New Relic Infrastructure Amazon integrations collect the following Amazon NLB data to the provider Nlb.

Metric Description

activeFlowCount

The total number of concurrent flows (or connections) from clients to targets. This metric includes connections in the SYN_SENT and ESTABLISHED states.

TCP connections are not terminated at the load balancer, so a client opening a TCP connection to a target counts as a single flow.

activeFlowCountTls

The total number of concurrent TLS flows (or connections) from clients to targets. This metric includes only connections in the ESTABLISHED states.

clientTlsNegotiationErrorCount

The total number of TLS handshakes that failed during negotiation between a client and a TLS listener.

consumedLcus

The number of load balancer capacity units (LCU) used by your load balancer. You pay for the number of LCUs that you use per hour.

newFlowCount

The total number of new flows (or connections) established from clients to targets in the time period.

newFlowCountTls

The total number of new TLS flows (or connections) established from clients to targets in the time period.

processedBytes

The total number of bytes processed by the load balancer, including TCP/IP headers.

processedBytesTls

The total number of bytes processed by TLS listeners.

targetTlsNegotiationErrorCount

The total number of TLS handshakes that failed during negotiation between a TLS listener and a target.

tcpClientResetCount

The total number of reset (RST) packets sent from a client to a target. These resets are generated by the client and forwarded by the load balancer.

tcpElbResetCount

The total number of reset (RST) packets generated by the load balancer.

tcpTargetResetCount The total number of reset (RST) packets sent from a target to a client. These resets are generated by the target and forwarded by the load balancer.

NLB target group metrics

Target group data is stored in Insights in the provider NlbTargetGroup. For example, you can use this data to facet error metrics by target group.

Metric Description
healthyHostCount The number of targets that are considered healthy.
unHealthyHostCount The number of targets that are considered unhealthy.

Inventory data

Inventory data provides information about the service's state and configuration. ALB/NLB configuration options are reported as inventory data.

aws/alb/load-balancer

Name Description
arn The Amazon Resource Name (ARN) of the load balancer.
dnsName The public DNS name of the load balancer.
canonicalHostedZoneId The ID of the Amazon Route 53 hosted zone associated with the load balancer.
createdTime Timestamp with the date and time the load balancer was created.
loadBalancerName The name of the load balancer.
scheme

The nodes of an Internet-facing load balancer have public IP addresses. The DNS name of an Internet-facing load balancer resolves publicly to the public IP addresses of the nodes. Therefore, Internet-facing load balancers can route requests from clients over the Internet.

The nodes of an internal load balancer have only private IP addresses. The DNS name of an internal load balancer is resolves publicly to the private IP addresses of the nodes. Therefore, internal load balancers can only route requests from clients with access to the VPC for the load balancer.

vpcId The ID of the VPC for the load balancer.
state

The state code.

  • The initial state of the load balancer is provisioning.
  • After the load balancer is fully set up and ready to route traffic, its state is active.
  • If the load balancer could not be set up, its state is failed.
availabilityZones

Can be a list or a structure.

  • As list: the availability zones for the load balancer.
  • As structure: information about an availability zone.
securityGroups List of the security group IDs for the load balancer.
ipAddressType

The type of IP addresses used by the subnets for your load balancer:

  • ipv4 (for IPv4 addresses)
  • dualstack (for IPv4 and IPv6 addresses)
type The type of load balancer.
accessLogsS3Enabled Indicates whether access logs are enabled. The value is true or false. The default is false .
accessLogsS3Prefix The prefix for the location in the S3 bucket for the access logs.
accessLogsS3Bucket The name of the S3 bucket for the access logs. This attribute is required if access logs are enabled.
deletionProtectionEnabled Indicates whether deletion protection is enabled. The value is true or false . The default is false .
idleTimeout The idle timeout value, in seconds. The valid range is 1-4000 seconds. The default is 60 seconds.
routingHttp2Enabled Indicates whether HTTP/2 is enabled. The value is true or false. The default is true .

aws/alb/target-group

Name Description
arn The Amazon Resource Name (ARN) of the target group
targetGroupName The name of the target group
protocol The protocol to use for routing traffic to the targets
port The port on which the targets are listening
vpcId The ID of the VPC for the targets
healthCheckProtocol The protocol to use to connect with the target
healthCheckTimeoutSeconds The amount of time, in seconds, during which no response means a failed health check
healthyThresholdCount The number of consecutive health checks successes required before considering an unhealthy target healthy
unhealthyThresholdCount The number of consecutive health check failures required before considering the target unhealthy
healthCheckPath The destination for the health check request
matcher Structure showing the HTTP codes to use when checking for a successful response from a target
loadBalancerArn The Amazon Resource Names (ARN) of the load balancer that routes traffic to this target group
stickinessEnabled

Indicates whether sticky sessions are enabled.

This is fetched only if extended inventory collection is enabled.

sticknessType

The type of stickiness.

This is fetched only if extended inventory collection is enabled.

deregistrationDelayTimeout

The deregistration delay timeout.

This is fetched only if extended inventory collection is enabled.

slowStartDurationSeconds

The time period, in seconds, during which a newly registered target receives a linearly increasing share of the traffic to the target group. After this time period ends, the target receives its full share of traffic.

This is fetched only if extended inventory collection is enabled.

stickinessLbCookieDurationSeconds

The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the load balancer-generated cookie is considered stale.

This is fetched only if extended inventory collection is enabled.

aws/alb/listener

Listener state will be only fetched if extended inventory collection is enabled.

Name Description
arn The Amazon Resource Name (ARN) of the listener.
protocol The protocol for connections from clients to the load balancer.
port The port on which the load balancer is listening.
loadBalancerArn The Amazon Resource Name (ARN) of the load balancer.

aws/alb/rule

Rule state will be only fetched if extended inventory collection is enabled.

Name Description
arn The Amazon Resource Name (ARN) of the rule
priority The priority
isDefault Indicates whether this is the default rule
conditions The conditions
actions The actions

aws/nlb/load-balancer

Name Description
arn The Amazon Resource Name (ARN) of the load balancer.
dnsName The public DNS name of the load balancer.
canonicalHostedZoneId The ID of the Amazon Route 53 hosted zone associated with the load balancer.
createdTime Timestamp with the date and time the load balancer was created.
loadBalancerName The name of the load balancer.
scheme

The nodes of an Internet-facing load balancer have public IP addresses. The DNS name of an Internet-facing load balancer publicly resolves to the public IP addresses of the nodes. Therefore, Internet-facing load balancers can route requests from clients over the Internet.

The nodes of an internal load balancer only have private IP addresses. The DNS name of an internal load balancer is publicly resolves to the private IP addresses of the nodes. Therefore, internal load balancers can only route requests from clients with access to the VPC for the load balancer.

vpcId The ID of the VPC for the load balancer.
state

The state code.

  • The initial state of the load balancer is provisioning.
  • After the load balancer is fully set up and ready to route traffic, its state is active.
  • If the load balancer could not be set up, its state is failed.
availabilityZones

Can be a list or a structure.

  • As list: the availability zones for the load balancer.
  • As structure: information about an availability zone.
ipAddressType

The type of IP addresses used by the subnets for your load balancer:

  • ipv4 (for IPv4 addresses)
  • dualstack (for IPv4 and IPv6 addresses)
type The type of load balancer.
accessLogsS3Enabled Indicates whether access logs are enabled. The value is true or false. The default is false .
accessLogsS3Prefix The prefix for the location in the S3 bucket for the access logs.
accessLogsS3Bucket The name of the S3 bucket for the access logs. This attribute is required if access logs are enabled.
deletionProtectionEnabled Indicates whether deletion protection is enabled. The value is true or false . The default is false .
crossZoneEnabled Indicates whether cross-zone load balancing is enabled. The value is true or false . The default is false .

aws/nlb/target-group

Name Description
arn The Amazon Resource Name (ARN) of the target group.
targetGroupName The name of the target group.
protocol The protocol to use for routing traffic to the targets.
port The port on which the targets are listening.
vpcId The ID of the VPC for the targets.
healthCheckProtocol The protocol to use to connect with the target.
healthCheckTimeoutSeconds The amount of time, in seconds, during which no response means a failed health check.
healthyThresholdCount The number of consecutive health checks successes required before considering an unhealthy target healthy.
unhealthyThresholdCount The number of consecutive health check failures required before considering the target unhealthy.
healthCheckPath The destination for the health check request.
loadBalancerArn The Amazon Resource Names (ARN) of the load balancer that routes traffic to this target group
deregistrationDelayTimeout

The deregistration delay timeout.

This is fetched only if extended inventory collection is enabled.

matcher Structure showing the HTTP codes to use when checking for a successful response from a target
proxyProtocolV2Enabled

Indicates whether Proxy Protocol version 2 is enabled. The value is true or false . The default is false .

This is fetched only if extended inventory collection is enabled.

aws/nlb/listener

Listener state will be only fetched if extended inventory collection is enabled.

Name Description
arn The Amazon Resource Name (ARN) of the listener.
protocol The protocol for connections from clients to the load balancer.
port The port on which the load balancer is listening.
loadBalancerArn The Amazon Resource Name (ARN) of the load balancer.

aws/nlb/rule

Rule state will be only fetched if extended inventory collection is enabled.

Name Description
arn The Amazon Resource Name (ARN) of the rule.
priority The priority.
isDefault Indicates whether this is the default rule.
conditions The conditions.
actions The actions.

For more help

Recommendations for learning more: