Logging

 < Day Day Up > 

Apache provides for logging just about any web access information you might be interested in. Logging can help with

  • System resource management, by tracking usage

  • Intrusion detection, by documenting bad HTTP requests

  • Diagnostics, by recording errors in processing requests

Two standard log files are generated when you run your Apache server: access_log and error_log. They are found under the /var/log/httpd directory. (Others include the SSL logs ssl_access_log, ssl_error_log, and ssl_request_log.) All logs except for the error_log (by default, this is just the access_log) are generated in a format specified by the CustomLog and LogFormat directives. These directives appear in your httpd.conf file.

A new log format can be defined with the LogFormat directive:

 LogFormat "%h %l %u %t \"%r\" %>s %b" common 

The common log format is a good starting place for creating your own custom log formats. Note that most of the available log analysis tools assume you're using the common log format or the combined log format both of which are defined in the default configuration files.

The following variables are available for LogFormat statements:

%a

Remote IP address.

%A

Local IP address.

%b

Bytes sent, excluding HTTP headers. This is shown in Apache's Combined Log Format (CLF). For a request without any data content, a - is shown instead of 0.

%B

Bytes sent, excluding HTTP headers.

%{VARIABLE}e

The contents of the environment variable VARIABLE.

%f

The filename of the output log.

%h

Remote host.

%H

Request protocol.

%{HEADER}i

The contents of HEADER; header line(s) in the request sent to the server.

%l

Remote log name (from identd, if supplied).

%m

Request method.

%{NOTE}n

The contents of note NOTE from another module.

%{HEADER}o

The contents of HEADER; header line(s) in the reply.

%p

The canonical port of the server serving the request.

%P

The process ID of the child that serviced the request.

%q

The contents of the query string, prepended with a ? character. If there's no query string, this evaluates to an empty string.

%r

The first line of request.

%s

Status. For requests that were internally redirected, this is the status of the original request %>s for the last.

%t

The time, in common log time format.

%{format}t

The time, in the form given by format, which should be in strftime(3) format. See the section "Basic SSI Directives" later in this chapter for a complete list of available formatting options.

%T

The seconds taken to serve the request.

%u

Remote user from auth; this might be bogus if the return status (%s) is 401.

%U

The URL path requested.

%V

The server name according to the UseCanonicalName directive.

%v

The canonical ServerName of the server serving the request.


You can put a conditional in front of each variable to determine whether the variable is displayed. If the variable isn't displayed, - is displayed instead. These conditionals are in the form of a list of numerical return values. For example, %!401u displays the value of REMOTE_USER unless the return code is 401.

You can then specify the location and format of a log file using the CustomLog directive:

 CustomLog logs/access_log common 

If it isn't specified as an absolute path, the location of the log file is assumed to be relative to the ServerRoot.

     < Day Day Up > 


    Red Hat Fedora 4 Unleashed
    Red Hat Fedora 4 Unleashed
    ISBN: 0672327929
    EAN: 2147483647
    Year: 2006
    Pages: 361

    flylib.com © 2008-2017.
    If you may any questions please contact us: flylib@qtcs.net