AWS ALB/NLB monitoring integration | New Relic Documentation

Important

Enable the AWS CloudWatch Metric Streams integration to monitor all CloudWatch metrics from your AWS services, including custom namespaces. Individual integrations are no longer our recommended option.

Amazon Application Load Balancing (ALB) distributes incoming application traffic across multiple targets, such as EC2 instances, in multiple availability zones. Amazon Network Load Balancer (NLB) distributes incoming traffic across multiple targets, such as Amazon EC2 instances.

New Relic infrastructure integrations include an integration for reporting your AWS ALB/NLB data to New Relic products. This document explains how to activate this integration and describes the data that can be captured.

New Relic also offers an integration for Amazon's Elastic Load Balancing (ELB) service.

Activate integration

To enable this integration, follow standard procedures to connect AWS services to New Relic.

Configuration and polling

You can change the polling frequency and filter data using configuration options.

Default polling information for the AWS ALB/NLB integration:

New Relic polling interval: 5 minutes
Amazon CloudWatch data interval: 1 minute

View and use data

To view and use your integration data, go to one.newrelic.com > Infrastructure > AWS and select one of the AWS ALB integration links.

You can query and explore your data using the LoadBalancerSample event type within four categories of data:

ALB: Appears in New Relic with provider value Alb.
NLB: Appears in New Relic with provider value Nlb.
ALB target group: Appears in New Relic with provider value AlbTargetGroup.
NLB target group: Appears in New Relic with provider valueNlbTargetGroup.

Metric data

There are two ALB integration categories of data: ALB and ALB target group.

ALB metrics

New Relic Infrastructure Amazon integrations collect the following Amazon ALB data to the provider Alb.

Metric	Description
`activeConnectionCount`	The total number of concurrent TCP connections active from clients to the load balancer and from the load balancer to targets.
`newConnectionCount`	The total number of new TCP connections established from clients to the load balancer and from the load balancer to targets.
`rejectedConnectionCount`	The number of connections that were rejected because the load balancer had reached its maximum number of connections.
`processedBytes`	The total number of bytes processed by the load balancer over IPv4 and IPv6.
`requestCount`	The number of requests received by the load balancer. This includes requests over IPv4 and IPv6.
`rulesEvaluated`	The number of rules processed by the load balancer given a request rate averaged over an hour.
`clientTlsNegotiationErrorCount`	The number of TLS connections initiated by the client that did not establish a session with the load balancer. Possible causes include a mismatch of ciphers or protocols.
`httpCodeElb5XXCount`	The number of HTTP 5XX server error codes that originate from the load balancer. This count does not include any response codes generated by the targets.
`httpCodeElb4XXCount`	The number of HTTP 4XX client error codes that originate from the load balancer. Client errors are generated when requests are malformed or incomplete. These requests have not been received by the target.
`IpV6ProcessedBytes`	The total number of bytes processed by the load balancer over IPv6.
`IpV6RequestCount`	The number of IPv6 requests received by the load balancer.
`lambdaTargetProcessedBytes`	The total number of bytes processed by the load balancer for requests to and responses from a Lambda function.

ALB target group metrics

Target group data is stored in New Relic in the provider AlbTargetGroup. For example, you can use this data to facet error metrics by target group.

Metric	Description
`requestCount`	The number of requests received by the load balancer. This includes requests over IPv4 and IPv6.
`healthyHostCount`	The number of targets that are considered healthy.
`unHealthyHostCount`	The number of targets that are considered unhealthy.
`targetResponseTime`	The time elapsed, in seconds, after the request leaves the load balancer until a response from the target is received. Available statistics: aws.applicationelb.target_response_time.p90 aws.applicationelb.target_response_time.p95 aws.applicationelb.target_response_time.p99
`httpCodeTarget2XXCount`	The number of HTTP `2XX` response codes generated by the targets. This does not include any response codes generated by the load balancer.
`httpCodeTarget3XXCount`	The number of HTTP `3XX` response codes generated by the targets. This does not include any response codes generated by the load balancer.
`httpCodeTarget4XXCount`	The number of HTTP `4XX` response codes generated by the targets. This does not include any response codes generated by the load balancer.
`httpCodeTarget5XXCount`	The number of HTTP `5XX` response codes generated by the targets. This does not include any response codes generated by the load balancer.
`lambdaInternalError`	The number of requests to a Lambda function that failed because of an issue internal to the load balancer or AWS Lambda.
`lambdaUserError`	The number of requests to a Lambda function that failed because of an issue with the Lambda function.

There are two NLB integration categories of data: NLB and NLB target group.

NLB metrics

New Relic Infrastructure Amazon integrations collect the following Amazon NLB data to the provider Nlb.

Metric	Description
`activeFlowCount`	The total number of concurrent flows (or connections) from clients to targets. This metric includes connections in the `SYN_SENT` and `ESTABLISHED` states. TCP connections are not terminated at the load balancer, so a client opening a TCP connection to a target counts as a single flow.
`activeFlowCountTls`	The total number of concurrent TLS flows (or connections) from clients to targets. This metric includes only connections in the `ESTABLISHED` states.
`clientTlsNegotiationErrorCount`	The total number of TLS handshakes that failed during negotiation between a client and a TLS listener.
`consumedLcus`	The number of load balancer capacity units (LCU) used by your load balancer. You pay for the number of LCUs that you use per hour.
`newFlowCount`	The total number of new flows (or connections) established from clients to targets in the time period.
`newFlowCountTls`	The total number of new TLS flows (or connections) established from clients to targets in the time period.
`processedBytes`	The total number of bytes processed by the load balancer, including TCP/IP headers.
`processedBytesTls`	The total number of bytes processed by TLS listeners.
`targetTlsNegotiationErrorCount`	The total number of TLS handshakes that failed during negotiation between a TLS listener and a target.
`tcpClientResetCount`	The total number of reset (RST) packets sent from a client to a target. These resets are generated by the client and forwarded by the load balancer.
`tcpElbResetCount`	The total number of reset (RST) packets generated by the load balancer.
`tcpTargetResetCount`	The total number of reset (RST) packets sent from a target to a client. These resets are generated by the target and forwarded by the load balancer.

NLB target group metrics

Target group data is stored in New Relic in the provider NlbTargetGroup. For example, you can use this data to facet error metrics by target group.

Metric	Description
`healthyHostCount`	The number of targets that are considered healthy.
`unHealthyHostCount`	The number of targets that are considered unhealthy.

Inventory data

EOL NOTICE

After March 2022, we're discontinuing support for several capabilities, including inventory data for cloud integrations. For more details, including how you can easily prepare for this transition, see our Explorers Hub post.

Inventory data provides information about the service's state and configuration. ALB/NLB configuration options are reported as inventory data.

aws/alb/load-balancer

Name	Description
`arn`	The Amazon Resource Name (ARN) of the load balancer.
`dnsName`	The public DNS name of the load balancer.
`canonicalHostedZoneId`	The ID of the Amazon Route 53 hosted zone associated with the load balancer.
`createdTime`	Timestamp with the date and time the load balancer was created.
`loadBalancerName`	The name of the load balancer.
`scheme`	The nodes of an Internet-facing load balancer have public IP addresses. The DNS name of an Internet-facing load balancer resolves publicly to the public IP addresses of the nodes. Therefore, Internet-facing load balancers can route requests from clients over the Internet. The nodes of an internal load balancer have only private IP addresses. The DNS name of an internal load balancer is resolves publicly to the private IP addresses of the nodes. Therefore, internal load balancers can only route requests from clients with access to the VPC for the load balancer.
`vpcId`	The ID of the VPC for the load balancer.
`state`	The state code. The initial state of the load balancer is `provisioning`. After the load balancer is fully set up and ready to route traffic, its state is `active`. If the load balancer could not be set up, its state is `failed`.
`availabilityZones`	Can be a list or a structure. As list: the availability zones for the load balancer. As structure: information about an availability zone.
`securityGroups`	List of the security group IDs for the load balancer.
`ipAddressType`	The type of IP addresses used by the subnets for your load balancer: `ipv4` (for IPv4 addresses) `dualstack` (for IPv4 and IPv6 addresses)
`type`	The type of load balancer.
`accessLogsS3Enabled`	Indicates whether access logs are enabled. The value is `true` or `false`. The default is `false` .
`accessLogsS3Prefix`	The prefix for the location in the S3 bucket for the access logs.
`accessLogsS3Bucket`	The name of the S3 bucket for the access logs. This attribute is required if access logs are enabled.
`deletionProtectionEnabled`	Indicates whether deletion protection is enabled. The value is `true` or `false` . The default is `false` .
`idleTimeout`	The idle timeout value, in seconds. The valid range is 1-4000 seconds. The default is 60 seconds.
`routingHttp2Enabled`	Indicates whether HTTP/2 is enabled. The value is `true` or `false`. The default is `true` .

aws/alb/target-group

Name	Description
`arn`	The Amazon Resource Name (ARN) of the target group
`targetGroupName`	The name of the target group
`protocol`	The protocol to use for routing traffic to the targets
`port`	The port on which the targets are listening
`vpcId`	The ID of the VPC for the targets
`healthCheckProtocol`	The protocol to use to connect with the target
`healthCheckTimeoutSeconds`	The amount of time, in seconds, during which no response means a failed health check
`healthyThresholdCount`	The number of consecutive health checks successes required before considering an unhealthy target healthy
`unhealthyThresholdCount`	The number of consecutive health check failures required before considering the target unhealthy
`healthCheckPath`	The destination for the health check request
`matcher`	Structure showing the HTTP codes to use when checking for a successful response from a target
`loadBalancerArn`	The Amazon Resource Names (ARN) of the load balancer that routes traffic to this target group
`stickinessEnabled`	Indicates whether sticky sessions are enabled. This is fetched only if extended inventory collection is enabled.
`sticknessType`	The type of stickiness. This is fetched only if extended inventory collection is enabled.
`deregistrationDelayTimeout`	The deregistration delay timeout. This is fetched only if extended inventory collection is enabled.
`slowStartDurationSeconds`	The time period, in seconds, during which a newly registered target receives a linearly increasing share of the traffic to the target group. After this time period ends, the target receives its full share of traffic. This is fetched only if extended inventory collection is enabled.
`stickinessLbCookieDurationSeconds`	The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the load balancer-generated cookie is considered stale. This is fetched only if extended inventory collection is enabled.

aws/alb/listener

Listener state will be only fetched if extended inventory collection is enabled.

Name	Description
`arn`	The Amazon Resource Name (ARN) of the listener.
`protocol`	The protocol for connections from clients to the load balancer.
`port`	The port on which the load balancer is listening.
`loadBalancerArn`	The Amazon Resource Name (ARN) of the load balancer.

aws/alb/rule

Rule state will be only fetched if extended inventory collection is enabled.

Name	Description
`arn`	The Amazon Resource Name (ARN) of the rule
`priority`	The priority
`isDefault`	Indicates whether this is the default rule
`conditions`	The conditions
`actions`	The actions

aws/nlb/load-balancer

Name	Description
`arn`	The Amazon Resource Name (ARN) of the load balancer.
`dnsName`	The public DNS name of the load balancer.
`canonicalHostedZoneId`	The ID of the Amazon Route 53 hosted zone associated with the load balancer.
`createdTime`	Timestamp with the date and time the load balancer was created.
`loadBalancerName`	The name of the load balancer.
`scheme`	The nodes of an Internet-facing load balancer have public IP addresses. The DNS name of an Internet-facing load balancer publicly resolves to the public IP addresses of the nodes. Therefore, Internet-facing load balancers can route requests from clients over the Internet. The nodes of an internal load balancer only have private IP addresses. The DNS name of an internal load balancer is publicly resolves to the private IP addresses of the nodes. Therefore, internal load balancers can only route requests from clients with access to the VPC for the load balancer.
`vpcId`	The ID of the VPC for the load balancer.
`state`	The state code. The initial state of the load balancer is `provisioning`. After the load balancer is fully set up and ready to route traffic, its state is `active`. If the load balancer could not be set up, its state is `failed`.
`availabilityZones`	Can be a list or a structure. As list: the availability zones for the load balancer. As structure: information about an availability zone.
`ipAddressType`	The type of IP addresses used by the subnets for your load balancer: `ipv4` (for IPv4 addresses) `dualstack` (for IPv4 and IPv6 addresses)
`type`	The type of load balancer.
`accessLogsS3Enabled`	Indicates whether access logs are enabled. The value is `true` or `false`. The default is `false` .
`accessLogsS3Prefix`	The prefix for the location in the S3 bucket for the access logs.
`accessLogsS3Bucket`	The name of the S3 bucket for the access logs. This attribute is required if access logs are enabled.
`deletionProtectionEnabled`	Indicates whether deletion protection is enabled. The value is `true` or `false` . The default is `false` .
`crossZoneEnabled`	Indicates whether cross-zone load balancing is enabled. The value is `true` or `false` . The default is `false` .

aws/nlb/target-group

Name	Description
`arn`	The Amazon Resource Name (ARN) of the target group.
`targetGroupName`	The name of the target group.
`protocol`	The protocol to use for routing traffic to the targets.
`port`	The port on which the targets are listening.
`vpcId`	The ID of the VPC for the targets.
`healthCheckProtocol`	The protocol to use to connect with the target.
`healthCheckTimeoutSeconds`	The amount of time, in seconds, during which no response means a failed health check.
`healthyThresholdCount`	The number of consecutive health checks successes required before considering an unhealthy target healthy.
`unhealthyThresholdCount`	The number of consecutive health check failures required before considering the target unhealthy.
`healthCheckPath`	The destination for the health check request.
`loadBalancerArn`	The Amazon Resource Names (ARN) of the load balancer that routes traffic to this target group
`deregistrationDelayTimeout`	The deregistration delay timeout. This is fetched only if extended inventory collection is enabled.
`matcher`	Structure showing the HTTP codes to use when checking for a successful response from a target
`proxyProtocolV2Enabled`	Indicates whether Proxy Protocol version 2 is enabled. The value is `true` or `false` . The default is `false` . This is fetched only if extended inventory collection is enabled.

aws/nlb/listener

Listener state will be only fetched if extended inventory collection is enabled.

Name	Description
`arn`	The Amazon Resource Name (ARN) of the listener.
`protocol`	The protocol for connections from clients to the load balancer.
`port`	The port on which the load balancer is listening.
`loadBalancerArn`	The Amazon Resource Name (ARN) of the load balancer.

aws/nlb/rule

Rule state will be only fetched if extended inventory collection is enabled.

Name	Description
`arn`	The Amazon Resource Name (ARN) of the rule.
`priority`	The priority.
`isDefault`	Indicates whether this is the default rule.
`conditions`	The conditions.
`actions`	The actions.