I have a apache server that listens to three different random ports. I want the incoming data to be logged to three different files. Also is it possible to create a new log file every minute?
You'd simply add the log directives to each virtual host, e.g.:
LogLevel info
ErrorLog /var/log/apache2/first_site_error.log
CustomLog /var/log/apache2/first_site_access.log combined
..
Apache itself has no feature to rotate logs so you'd have to use something like logrotate and configure it accordingly.
Here's an excellent article describing every step in detail:
https://www.digitalocean.com/community/tutorials/how-to-configure-logging-and-log-rotation-in-apache-on-an-ubuntu-vps
Related
We have the following in our httpd.conf files:-
ErrorLog "| /usr/HTTPServer/bin/rotatelogs /wslogs/instance_name/hostname_%m%d%Y_error.log 86400"
CustomLog "| /usr/HTTPServer/bin/rotatelogs /wslogs/instance_name/hostname_%m%d%Y_access.log 86400" combined
This writes the piped logs to /wslogs/instance_name using the format described above.
We see that in no time these log files tend to occupy whole lot space under /wslogs and we are unaware of that.
And then when we do our deployments that also has a step to restart server, the server fails to restart with an error:-
httpd (no pid file) not running
Error writing to the file /wslogs/instance_name/server_name_12022016_error.log
Then we have to manually clean the wslogs folder.
Is there a way to automatically handle this and make sure these logs are there only for last 10 days, or in other words a way to delete logs older than 10 days.
Any suggestions/solutions here would be greatly appreciated.
You cannot manage the historical files with the http server itself. You need to use something external like logrotate or your own cron scripts.
I recently replaced Google Analytics by the self-hosted analytics tool Piwik.
This means that every time someone connects my website http://www.mywebsite.com, a Javascript tracking code is executed on the client, that calls my Piwik server http://www.mywebsite.com/piwik/piwik.php
Result:
on my server's Apache access.log, there is a line about http://www.mywebsite.com, that's normal
in my Piwik database, an information is stored about this visit, this is normal
on my server's Apache access.log, there is a line about the fact my Piwik server received a tracking request (executed by client with JS)
The logging part 3. is clearly too much!
From now, since Piwik in installed, my access.log is double sized!
How to remove the fact that Apache logs in access.log the connection to http://www.mywebsite.com/piwik/piwik.php ? i.e. client JS tracking code <--> Piwik server ?
The solution is to disable logging of certain requests (for example in
/etc/apache2/sites-available/000-default.conf with Debian 8):
<VirtualHost *:80>
ServerName www.mywebsite.com
DocumentRoot /home/www/mywebsite
...
SetEnvIf Request_URI "^/piwik(.*)$" dontlog
CustomLog ${APACHE_LOG_DIR}/other_vhosts_access.log vhost_combined env=!dontlog
</VirtualHost>
The Apache manual contains a section on conditional logging
https://httpd.apache.org/docs/2.4/logs.html
What you need to do is set an environment variable when a condition is met (path is piwik/piwik.php)? Then you can use that environment variable in the apache log file configuration.
Disabling your tracking logs in Apache log file is not the best idea. If your Piwik will crash for some reason or your tracking will not work for some period of time (eg. over the weekend) you will loose your data.
Apache logs can save you here, you can then replay your traffic using LogAnalytics: http://piwik.org/log-analytics/#logfile
It is better to have reasonable log file storing policy then removing data from your log.
I am trying to make all of my apache and drush logs forward to my Splunk server via rsyslog.
First, in my /etc/httpd/conf/httpd.conf file I change the entry:
ErrorLog var/log/httpd/error_log
to:
ErrorLog syslog:local1
as described at: http://wiki.rsyslog.com/index.php/Working_Apache_and_Rsyslog_configuration
Then in /etc/rsyslog.conf, I add:
# Save apache messages to apache.log
local1.* /var/log/apache.log
to have the logs prefixed with local1. to the local file /var/log/apache.log
and then:
local1.* ##splunk.myserver.com:8002
where my splunk server is set to listen for tcp connections on port 8002.
I haven't made an attempt at drush yet. The problem is that apache is logging fine to the previous setting to log to /var/log/httpd/error_log, but after I make my changes nothing goes to /var/log/apache.log or to my splunk server.
I restart both rsyslog and apache after making my changes to conf files.
I met the same thing
I fix it follow this: 1 make a error log, like access http://192.168.1.10/sadaf.php. Then to see the /var/error.log have it?
If have it, I test splunk server use port 514,and the sourcetype use syslog.
You can try it.
I'm working on a web site where the client doesn't want ANY logging on the site for privacy reasons. The site will be hosted on the same Apache Web Server as a number of other websites which is why I can just turn logging off in Apache. Is there some way to disable logging for an individual site using htaccess rules or by adding something to the VirtualHost settings?
The options seem to be
Sending to /dev/null on *nix or C:/nul on Windows (see here)
Removing the base logging directives and duplicating them in each vhost (so there is no logging on for vhosts by default)
Seems like there should be some better way to do this, but that's what I've found.
Yes, just comment out (using a '#') the ErrorLog and CustomLog entries in the httpd conf for your virtual host.
http://www.mydigitallife.info/how-to-disable-and-turn-off-apache-httpd-access-and-error-log/
I achieve this by making the logging dependent on a non-existing environment variable. So in the VirtualHost you can have:
CustomLog /var/log/httpd/my_access_log combined env=DISABLED
and so long as there is no environment variable called DISABLED then you'll get no logs.
I actually arrived here looking for a neater solution but this works without having to change the global httpd.conf.
Edit: removed reference to .htaccess because CustomLog only applies in the global config or in the virtual host config as pointed out by #Basj
What are the access.log.* files?
Apache, I believe, does log rotation. So these would be the older log files with the access.log file being the current one.
Apache / apache2 itself doesn't do its own log rotation. On *nix systems, logs (including logs by Apache) are usually rotated via logrotate, a command which looks like a service but is actually only a script triggered by cron in defined intervals. (#nobody already pointed that out in comments). One default logrotate configuration appends ".1" to an older, rotated log, so a file like access.log.1 would end up in your logs directory. This is what you are probably seeing.
Is it possible to have apache log to multiple log files?
The question's title can be ambiguous. For anyone coming here to learn if it is possible to make Apache write to multiple log files simultaneously, the answer is: Yes.
The TransferLog or CustomLog directives are used to define logfiles. These directives can be repeated to make Apache write to more than one log file. This also works for VHOSTS / Virtual Host entris. Only ancient Apache releases were limited to only one logfile per server configuration.