Configuring the Apache Error and Access Logs
Apache is an open-source and cross-stage HTTP worker. It has a great deal of ground-breaking highlights that can be stretched out by a wide assortment of modules. While overseeing Apache web workers, one of the most incessant assignments you'll perform is checking the log records.
Realizing how to design and read the logs is exceptionally valuable while investigating worker or application issues as they give point by point troubleshooting data.
Apache sets up accounts of its occasions in two kinds of logs: access logs and mistake logs. Access logs incorporate data about customer solicitations, and mistake logs data about the worker and application issues.
This article depicts how to arrange and peruse the Apache access and mistake logs.
Configuring the Access Log
Apache webserver produces another occasion in the entrance log for every prepared solicitation. Every occasion record contains a timestamp and incorporates different data about the customer and the mentioned asset. Access logs show the guests' area, the page they visit, how long they spend on the page, and significantly more.
The CustomLog mandate characterizes the area of the log record and the arrangement of the logged messages.
The most essential language structure of the CustomLog mandate is as per the following:
CustomLog log_file format [condition];
The log_file can be either comparative with the ServerRoot or a full way to the log document. The log messages can likewise be channeled to another program utilizing the line image |.
The subsequent contention, design determines the organization of the log messages. It tends to be either an express arrangement definition or an epithet characterized by the LogFormat mandate.
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
CustomLog logs/access.log combined
CustomLog logs/access.log "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\""
To abstain from rehashing a similar code on numerous occasions, incline toward characterizing the LogFormat mandate and utilizing it as a moniker in the CustomLog order.
For a total rundown of all organization strings and modifiers, check the "mod_log_config" module documentation.
The third contention [condition] is discretionary and permits you to compose log messages just when a particular condition is met. As a rule, this is finished utilizing climate factors. The condition can be invalidated with the ! image.
For instance, on the off chance that you need to prohibit solicitations to css documents to be kept in touch with the log record, you would utilize the accompanying:
SetEnvIf Request_URI \.css$ css-file
CustomLog logs/access.log custom env=!css-file
To change the logging design, you can either characterize another LogFormat order or abrogate the default design. Commonly it is smarter to characterize another configuration.
While the entrance log gives valuable data it takes plate space and may influence the worker execution. On the off chance that your worker is low on assets and you have a bustling site, you should debilitate the entrance log.
To do that, basically remark out or eliminate the CustomLog order from the fundamental worker setup and virtual worker areas.
In the event that you need to kill the entrance log just for one virtual host, set the principal contention of the CustomLog mandate to/dev/invalid:
CustomLog /dev/null combined
Configuring the Error Log
Apache composes messages about the application and general worker mistakes in the blunder log record. In the event that you are encountering blunders in your web application, the mistake log is the primary spot to begin for investigating issues.
The ErrorLog order characterizes the name area of the blunder log. It takes the accompanying structure:
ErrorLog log_file
On the off chance that the way to the log_file isn't total, at that point it is set as comparative with the ServerRoot. The mistake messages can likewise be funneled to another program utilizing the line image |.
The LogLevel boundary sets the degree of logging. The following are levels recorded by their seriousness (from low to high):
- trace1 - trace8 - Trace messages.
- troubleshoot - Debugging messages.
- data - Informational messages.
- notice - Notices.
- caution - Warnings.
- blunder - Errors while handling a solicitation.
- crit - Critical issues. Requires a brief activity.
- alert - Alerts. Move must be made right away.
- emerg - Emergency circumstance. The framework is in an unusable state.
Each log level incorporates the more elevated levels. For instance, on the off chance that you set the log level to caution, Apache likewise composes the blunder, crit, alert, and emerg messages.
At the point when the LogLevel boundary isn't determined, it defaults to caution. It is prescribed to set the level to in any event crit.
The ErrorLogFormat mandate indicates the organization of the blunder log. On most Linux dispersions, the Apache worker is utilizing the default design, which is adequate for most cases.
Virtual Hosts and Global Logging
The logging conduct and the area of the documents can be set either all around the world or per virtual host premise.
At that point the CustomLog or ErrorLog mandates are set in the fundamental worker setting, the worker composes all log messages to a similar access and blunder log documents. Something else, if the orders are set inside a <VirtualHost> block, just the log messages for that virtual host are kept in touch with the predetermined record.
The log order set in the <VirtualHost> block abrogates the one set in the worker setting.
Virtual hosts without CustomLog or ErrorLog mandates will have their log messages kept in touch with the worldwide worker logs.
For better coherence, it is prescribed to set separate access and mistake log documents for each virtual host. Here is a model:
<VirtualHost *:80>
ServerName example.com
ServerAlias www.example.com
ServerAdmin webmaster@example.com
DocumentRoot /var/www/example.com/public
LogLevel warn
ErrorLog /var/www/example.com/logs/error.log
CustomLog /var/www/example.com/logs/access.log combined
</VirtualHost>
At whatever point you alter the arrangement record, you need to restart the Apache administration for the progressions to produce results.
Location of the Log Files
Of course on Debian-based conveyances, for example, Ubuntu , access and blunder logs are situated in the/var/log/apache2 index. On CentOS the log documents are put in/var/log/httpd index.
Reading and Understanding the Apache Log Files
The log documents can be opened and parsed utilizing standard orders like feline , less , grep , cut , awk ,, etc.
Here is a model record from the entrance log document that utilizes the Debian' join log design:
192.168.33.1 - - [08/Jan/2020:21:39:03 +0000] "GET / HTTP/1.1" 200 6169 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36"
How about we separate what each field of the record implies:
- %h - 192.168.33.1 - The Hostname or the IP address of the customer making the solicitation.
- %l - Remote logname. At the point when the client name isn't set, this field shows - .
- %u - If the solicitation is validated, the far off client name is appeared.
- %t - [08/Jan/2020:21:39:03 +0000] - Local worker time.
- \"%r\" - "GET/HTTP/1.1" - First line of solicitation. The solicitation type, way, and convention.
- %>s - 200 - The last worker reaction code. In the event that the > image isn't utilized and the solicitation has been inside diverted, it will show the status of the first solicitation.
- %O - 396 - The size of worker reaction in bytes.
- \"%{Referer}i\" - "- " - The URL of the reference.
- \"%{User-Agent}i\" - Mozilla/5.0 ... - The client specialist of the customer (internet browser).
Utilize the tail order to watch the log document progressively:
tail -f access.log
Conclusion
Log records give you helpful data about worker issues and how guests cooperate with your site.
Apache has a truly configurable logging framework that permits you to modify the entrance and mistake logs as per your requirements.
On the off chance that you have any inquiries or criticism, don't hesitate to leave a remark.
