mago0/gist:999afafab9eaac8277a44dde01138f40

## gistfile1.txt
# ALB logs start with http(s) or h2 and have the arn appended to the end of the log
alb.http %{notSpace} %{_date_access} %{_elb_name} (?:%{_client_ip}:%{_client_port}|-) (?:%{_destination_ip}:%{_destination_port}|-) %{_request_processing_time} %{_backend_processing_time} %{_reponse_processing_time} (?:%{_status_code}|-) (?:%{_backend_status_code}|-) %{_bytes_read} %{_bytes_written} "(?>%{_method} |- )%{_url}(?> %{_version}| - )" "%{_user_agent}" %{_ssl_cipher} %{_ssl_protocol}.*

elb.http %{_date_access} %{_elb_name} (?:%{_client_ip}:%{_client_port}|-) (?:%{_destination_ip}:%{_destination_port}|-) %{_request_processing_time} %{_backend_processing_time} %{_reponse_processing_time} (?:%{_status_code}|-) (?:%{_backend_status_code}|-) %{_bytes_read} %{_bytes_written} "(?>%{_method} |- )%{_url}(?> %{_version}| - )" "%{_user_agent}" %{_ssl_cipher} %{_ssl_protocol}

#Sample
#https 2018-01-05T18:15:01.316365Z app/prod-varnish-cache-flograppling/07574303dea2a57e 100.43.85.162:49660 10.1.222.61:6081 0.001 0.917 0.000 200 200 303 47162 "GET https://www.flograppling.com:443/video/5640301-enrico-cocco-vs-felipe-silva-2016-ibjjf-no-gi-world-championships HTTP/1.1" "Mozilla/5.0 (compatible; YandexBot/3.0; +http://yandex.com/bots)" ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 arn:aws:elasticloadbalancing:us-west-2:215207670129:targetgroup/prod-varnish-cache-flograppling/55634d1cde736c8a "Root=1-5a4fc0a4-78604213178e2f0b1ed6c752" "www.flograppling.com" "arn:aws:acm:us-west-2:215207670129:certificate/bc6b1183-25a0-4c57-a9e7-0d0380483ce7"
	# ALB logs start with http(s) or h2 and have the arn appended to the end of the log
	alb.http %{notSpace} %{_date_access} %{_elb_name} (?:%{_client_ip}:%{_client_port}\|-) (?:%{_destination_ip}:%{_destination_port}\|-) %{_request_processing_time} %{_backend_processing_time} %{_reponse_processing_time} (?:%{_status_code}\|-) (?:%{_backend_status_code}\|-) %{_bytes_read} %{_bytes_written} "(?>%{_method} \|- )%{_url}(?> %{_version}\| - )" "%{_user_agent}" %{_ssl_cipher} %{_ssl_protocol}.*

	elb.http %{_date_access} %{_elb_name} (?:%{_client_ip}:%{_client_port}\|-) (?:%{_destination_ip}:%{_destination_port}\|-) %{_request_processing_time} %{_backend_processing_time} %{_reponse_processing_time} (?:%{_status_code}\|-) (?:%{_backend_status_code}\|-) %{_bytes_read} %{_bytes_written} "(?>%{_method} \|- )%{_url}(?> %{_version}\| - )" "%{_user_agent}" %{_ssl_cipher} %{_ssl_protocol}

	#Sample
	#https 2018-01-05T18:15:01.316365Z app/prod-varnish-cache-flograppling/07574303dea2a57e 100.43.85.162:49660 10.1.222.61:6081 0.001 0.917 0.000 200 200 303 47162 "GET https://www.flograppling.com:443/video/5640301-enrico-cocco-vs-felipe-silva-2016-ibjjf-no-gi-world-championships HTTP/1.1" "Mozilla/5.0 (compatible; YandexBot/3.0; +http://yandex.com/bots)" ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 arn:aws:elasticloadbalancing:us-west-2:215207670129:targetgroup/prod-varnish-cache-flograppling/55634d1cde736c8a "Root=1-5a4fc0a4-78604213178e2f0b1ed6c752" "www.flograppling.com" "arn:aws:acm:us-west-2:215207670129:certificate/bc6b1183-25a0-4c57-a9e7-0d0380483ce7"