Document the ability to look at original of final subrequest.

[apache] / docs / manual / mod / mod_log_config.html.en

<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!--
        XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
              This file is generated from xml source: DO NOT EDIT
        XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
      -->
<title>mod_log_config - Apache HTTP Server</title>
<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />
<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />
<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" />
<link href="../images/favicon.ico" rel="shortcut icon" /></head>
<body>
<div id="page-header">
<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p>
<p class="apache">Apache HTTP Server Version 2.1</p>
<img alt="" src="../images/feather.gif" /></div>
<div class="up"><a href="./"><img title="&lt;-" alt="&lt;-" src="../images/left.gif" /></a></div>
<div id="path">
<a href="http://www.apache.org/">Apache</a> &gt; <a href="http://httpd.apache.org/">HTTP Server</a> &gt; <a href="http://httpd.apache.org/docs-project/">Documentation</a> &gt; <a href="../">Version 2.1</a> &gt; <a href="./">Modules</a></div>
<div id="page-content">
<div id="preamble"><h1>Apache Module mod_log_config</h1>
<div class="toplang">
<p><span>Available Languages: </span><a href="../en/mod/mod_log_config.html" title="English">&nbsp;en&nbsp;</a> |
<a href="../ja/mod/mod_log_config.html" hreflang="ja" rel="alternate" title="Japanese">&nbsp;ja&nbsp;</a></p>
</div>
<table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>Logging of the requests made to the server</td></tr>
<tr><th><a href="module-dict.html#Status">Status:</a></th><td>Base</td></tr>
<tr><th><a href="module-dict.html#ModuleIdentifier">Module Identifier:</a></th><td>log_config_module</td></tr>
<tr><th><a href="module-dict.html#SourceFile">Source File:</a></th><td>mod_log_config.c</td></tr></table>
<h3>Summary</h3>

    <p>This module provides for flexible logging of client
    requests. Logs are written in a customizable format, and may be
    written directly to a file, or to an external program.
    Conditional logging is provided so that individual requests may
    be included or excluded from the logs based on characteristics
    of the request.</p>

    <p>Three directives are provided by this module:
    <code class="directive"><a href="#transferlog">TransferLog</a></code> to create
    a log file, <code class="directive"><a href="#logformat">LogFormat</a></code>
    to set a custom format, and <code class="directive"><a href="#customlog">CustomLog</a></code> to define a log file and format in one
    step. The <code class="directive">TransferLog</code> and <code class="directive">CustomLog</code> directives can be used multiple times in each
    server to cause each request to be logged to multiple files.</p>
</div>
<div id="quickview"><h3 class="directives">Directives</h3>
<ul id="toc">
<li><img alt="" src="../images/down.gif" /> <a href="#cookielog">CookieLog</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#customlog">CustomLog</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#logformat">LogFormat</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#transferlog">TransferLog</a></li>
</ul>
<h3>Topics</h3>
<ul id="topics">
<li><img alt="" src="../images/down.gif" /> <a href="#formats">Custom Log Formats</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#security">Security Considerations</a></li>
</ul><h3>See also</h3>
<ul class="seealso">
<li><a href="../logs.html">Apache Log Files</a></li>
</ul></div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="formats" id="formats">Custom Log Formats</a></h2>

    <p>The format argument to the <code class="directive"><a href="#logformat">LogFormat</a></code> and <code class="directive"><a href="#customlog">CustomLog</a></code> directives is a string. This string is
    used to log each request to the log file. It can contain literal
    characters copied into the log files and the C-style control
    characters "\n" and "\t" to represent new-lines and tabs.
    Literal quotes and back-slashes should be escaped with
    back-slashes.</p>

    <p>The characteristics of the request itself are logged by
    placing "<code>%</code>" directives in the format string, which are
    replaced in the log file by the values as follows:</p>

    <table class="bordered"><tr class="header"><th>Format&nbsp;String</th>
        <th>Description</th></tr>
<tr><td><code>%%</code></td>
        <td>The percent sign</td></tr>
<tr class="odd"><td><code>%...a</code></td>
        <td>Remote IP-address</td></tr>
<tr><td><code>%...A</code></td>
        <td>Local IP-address</td></tr>
<tr class="odd"><td><code>%...B</code></td>
        <td>Bytes sent, excluding HTTP headers.</td></tr>
<tr><td><code>%...b</code></td>
        <td>Bytes sent, excluding HTTP headers. In CLF format, <em>i.e.</em>
        a '<code>-</code>' rather than a 0 when no bytes are sent.</td></tr>
<tr class="odd"><td><code>%...{<var>Foobar</var>}C</code></td>
        <td>The contents of cookie <var>Foobar</var> in the request sent
        to the server.</td></tr>
<tr><td><code>%...D</code></td>
        <td>The time taken to serve the request, in microseconds.</td></tr>
<tr class="odd"><td><code>%...{<var>FOOBAR</var>}e</code></td>
        <td>The contents of the environment variable
        <var>FOOBAR</var></td></tr>
<tr><td><code>%...f</code></td>
        <td>Filename</td></tr>
<tr class="odd"><td><code>%...h</code></td>
        <td>Remote host</td></tr>
<tr><td><code>%...H</code></td>
        <td>The request protocol</td></tr>
<tr class="odd"><td><code>%...{<var>Foobar</var>}i</code></td>
        <td>The contents of <code><var>Foobar</var>:</code> header line(s)
        in the request sent to the server.</td></tr>
<tr><td><code>%...l</code></td>
        <td>Remote logname (from identd, if supplied). This will return a
        dash unless <code class="module"><a href="../mod/mod_ident.html">mod_ident</a></code> is present and <code class="directive"><a href="../mod/mod_ident.html#identitycheck">IdentityCheck</a></code> is set
        <code>On</code>.</td></tr>
<tr class="odd"><td><code>%...m</code></td>
        <td>The request method</td></tr>
<tr><td><code>%...{<var>Foobar</var>}n</code></td>
        <td>The contents of note <var>Foobar</var> from another
        module.</td></tr>
<tr class="odd"><td><code>%...{<var>Foobar</var>}o</code></td>
        <td>The contents of <code><var>Foobar</var>:</code> header line(s)
        in the reply.</td></tr>
<tr><td><code>%...p</code></td>
        <td>The canonical port of the server serving the request</td></tr>
<tr class="odd"><td><code>%...P</code></td>
        <td>The process ID of the child that serviced the request.</td></tr>
<tr><td><code>%...{<var>format</var>}P</code></td>
        <td>The process ID or thread id of the child that serviced the 
        request.  Valid formats are <code>pid</code> and <code>tid</code>.
        </td></tr>
<tr class="odd"><td><code>%...q</code></td>
        <td>The query string (prepended with a <code>?</code> if a query
        string exists, otherwise an empty string)</td></tr>
<tr><td><code>%...r</code></td>
        <td>First line of request</td></tr>
<tr class="odd"><td><code>%...s</code></td>
        <td>Status. For requests that got internally redirected, this is
        the status of the *original* request --- <code>%...&gt;s</code>
        for the last.</td></tr>
<tr><td><code>%...t</code></td>
        <td>Time, in common log format time format (standard english
        format)</td></tr>
<tr class="odd"><td><code>%...{<var>format</var>}t</code></td>
        <td>The time, in the form given by format, which should be in
        <code>strftime(3)</code> format. (potentially localized)</td></tr>
<tr><td><code>%...T</code></td>
        <td>The time taken to serve the request, in seconds.</td></tr>
<tr class="odd"><td><code>%...u</code></td>
        <td>Remote user (from auth; may be bogus if return status
        (<code>%s</code>) is 401)</td></tr>
<tr><td><code>%...U</code></td>
        <td>The URL path requested, not including any query string.</td></tr>
<tr class="odd"><td><code>%...v</code></td>
        <td>The canonical <code class="directive"><a href="../mod/core.html#servername">ServerName</a></code>
        of the server serving the request.</td></tr>
<tr><td><code>%...V</code></td>
        <td>The server name according to the <code class="directive"><a href="../mod/core.html#usecanonicalname">UseCanonicalName</a></code> setting.</td></tr>
<tr class="odd"><td><code>%...X</code></td>
        <td>Connection status when response is completed:

        <table>
        
        <tr><td><code>X</code> =</td>
            <td>connection aborted before the response completed.</td></tr>
        <tr><td><code>+</code> =</td>
            <td>connection may be kept alive after the response is
            sent.</td></tr>
        <tr><td><code>-</code> = </td>
            <td>connection will be closed after the response is
            sent.</td></tr>
        </table>

        <p>(This directive was <code>%...c</code> in late versions of Apache
        1.3, but this conflicted with the historical ssl
        <code>%...{<var>var</var>}c</code> syntax.)</p></td></tr>
<tr><td><code>%...I</code></td>
        <td>Bytes received, including request and headers, cannot be zero.
        You need to enable <code class="module"><a href="../mod/mod_logio.html">mod_logio</a></code> to use this.</td></tr>
<tr class="odd"><td><code>%...O</code></td>
        <td>Bytes sent, including headers, cannot be zero. You need to
        enable <code class="module"><a href="../mod/mod_logio.html">mod_logio</a></code> to use this.</td></tr>
</table>

    <p>The "<var>...</var>" can be nothing at all (<em>e.g.</em>,
    <code>"%h %u %r %s %b"</code>), or it can indicate conditions for
    inclusion of the item (which will cause it to be replaced with "-" if
    the condition is not met). The forms of condition are a list of
    HTTP status codes, which may or may not be preceded by "!".
    Thus, "%400,501{User-agent}i" logs <code>User-agent:</code> on 400
    errors and 501 errors (Bad Request, Not Implemented) only;
    "%!200,304,302{Referer}i" logs <code>Referer:</code> on all requests
    which did <em>not</em> return some sort of normal status.</p>

    <p>The modifiers "&lt;" and "&gt;" can be used for requests that
    have been internally redirected to choose whether the original or
    final (respectively) request should be consulted.  By default, the
    <code>%</code> directives <code>%s, %U, %T, %D,</code> and
    <code>%r</code> look at the original request while all others look
    at the final request.  So for example, <code>%&gt;s</code> can be
    used to record the final status of the request and
    <code>%&lt;u</code> can be used to record the original
    authenticated user on a request that is internally redirect to an
    unauthenticated resource.</p>

    <p>Note that in httpd 2.0 versions prior to 2.0.46, no escaping was performed
    on the strings from <code>%...r</code>, <code>%...i</code> and
    <code>%...o</code>. This was mainly to comply with the requirements of
    the Common Log Format. This implied that clients could insert control
    characters into the log, so you had to be quite careful when dealing
    with raw log files.</p>

    <p>For security reasons, starting with 2.0.46, non-printable and
    other special characters are escaped mostly by using
    <code>\x<var>hh</var></code> sequences, where <var>hh</var> stands for
    the hexadecimal representation of the raw byte. Exceptions from this
    rule are <code>"</code> and <code>\</code> which are escaped by prepending
    a backslash, and all whitespace characters which are written in their
    C-style notation (<code>\n</code>, <code>\t</code> etc).</p>

    <p>Some commonly used log format strings are:</p>

    <dl>
      <dt>Common Log Format (CLF)</dt>
      <dd><code>"%h %l %u %t \"%r\" %&gt;s %b"</code></dd>

      <dt>Common Log Format with Virtual Host</dt>
      <dd><code>"%v %h %l %u %t \"%r\" %&gt;s %b"</code></dd>

      <dt>NCSA extended/combined log format</dt>
      <dd><code>"%h %l %u %t \"%r\" %&gt;s %b \"%{Referer}i\"
      \"%{User-agent}i\""</code></dd>

      <dt>Referer log format</dt>
      <dd><code>"%{Referer}i -&gt; %U"</code></dd>

      <dt>Agent (Browser) log format</dt>
      <dd><code>"%{User-agent}i"</code></dd>
    </dl>

    <p>Note that the canonical <code class="directive"><a href="../mod/core.html#servername">ServerName</a></code> and <code class="directive"><a href="../mod/mpm_common.html#listen">Listen</a></code> of the server serving the
    request are used for <code>%v</code> and <code>%p</code>
    respectively. This happens regardless of the <code class="directive"><a href="../mod/core.html#usecanonicalname">UseCanonicalName</a></code> setting
    because otherwise log analysis programs would have to duplicate
    the entire vhost matching algorithm in order to decide what
    host really served the request.</p>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="security" id="security">Security Considerations</a></h2>
    <p>See the <a href="../misc/security_tips.html#serverroot">security tips</a>
    document for details on why your security could be compromised
    if the directory where logfiles are stored is writable by
    anyone other than the user that starts the server.</p>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="CookieLog" id="CookieLog">CookieLog</a> <a name="cookielog" id="cookielog">Directive</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Sets filename for the logging of cookies</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>CookieLog <var>filename</var></code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_log_config</td></tr>
<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>This directive is deprecated.</td></tr>
</table>
    <p>The <code class="directive">CookieLog</code> directive sets the 
    filename for logging of cookies. The filename is relative to the
    <code class="directive"><a href="../mod/core.html#serverroot">ServerRoot</a></code>. This directive is
    included only for compatibility with <code>mod_cookies</code>,
    and is deprecated.</p>

</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="CustomLog" id="CustomLog">CustomLog</a> <a name="customlog" id="customlog">Directive</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Sets filename and format of log file</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>CustomLog  <var>file</var>|<var>pipe</var>
<var>format</var>|<var>nickname</var>
[env=[!]<var>environment-variable</var>]</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_log_config</td></tr>
</table>
    <p>The <code class="directive">CustomLog</code> directive is used to
    log requests to the server. A log format is specified, and the
    logging can optionally be made conditional on request
    characteristics using environment variables.</p>

    <p>The first argument, which specifies the location to which
    the logs will be written, can take one of the following two
    types of values:</p>

    <dl>
      <dt><var>file</var></dt>
      <dd>A filename, relative to the <code class="directive"><a href="../mod/core.html#serverroot">ServerRoot</a></code>.</dd>

      <dt><var>pipe</var></dt>
      <dd>The pipe character "<code>|</code>", followed by the path
      to a program to receive the log information on its standard
      input.

      <div class="warning"><h3>Security:</h3>
      <p>If a program is used, then it will be run as the user who
      started httpd. This will be root if the server was started by root;
      be sure that the program is secure.</p>
      </div>
      <div class="warning"><h3>Note</h3>
        <p>When entering a file path on non-Unix platforms, care should be taken
        to make sure that only forward slashed are used even though the platform
        may allow the use of back slashes. In general it is a good idea to always 
        use forward slashes throughout the configuration files.</p>
      </div></dd>
    </dl>

    <p>The second argument specifies what will be written to the
    log file. It can specify either a <var>nickname</var> defined by
    a previous <code class="directive"><a href="#logformat">LogFormat</a></code>
    directive, or it can be an explicit <var>format</var> string as
    described in the <a href="#formats">log formats</a> section.</p>

    <p>For example, the following two sets of directives have
    exactly the same effect:</p>

    <div class="example"><p><code>
      # CustomLog with format nickname<br />
      LogFormat "%h %l %u %t \"%r\" %&gt;s %b" common<br />
      CustomLog logs/access_log common<br />
      <br />
      # CustomLog with explicit format string<br />
      CustomLog logs/access_log "%h %l %u %t \"%r\" %&gt;s %b"
    </code></p></div>

    <p>The third argument is optional and controls whether or
    not to log a particular request based on the
    presence or absence of a particular variable in the server
    environment. If the specified <a href="../env.html">environment
    variable</a> is set for the request (or is not set, in the case
    of a '<code>env=!<var>name</var></code>' clause), then the
    request will be logged.</p>

    <p>Environment variables can be set on a per-request
    basis using the <code class="module"><a href="../mod/mod_setenvif.html">mod_setenvif</a></code>
    and/or <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> modules. For
    example, if you want to record requests for all GIF
    images on your server in a separate logfile but not in your main
    log, you can use:</p>
    
    <div class="example"><p><code>
      SetEnvIf Request_URI \.gif$ gif-image<br />
      CustomLog gif-requests.log common env=gif-image<br />
      CustomLog nongif-requests.log common env=!gif-image
    </code></p></div>

</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="LogFormat" id="LogFormat">LogFormat</a> <a name="logformat" id="logformat">Directive</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Describes a format for use in a log file</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LogFormat <var>format</var>|<var>nickname</var>
[<var>nickname</var>]</code></td></tr>
<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>LogFormat "%h %l %u %t \"%r\" %&gt;s %b"</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_log_config</td></tr>
</table>
    <p>This directive specifies the format of the access log
    file.</p>

    <p>The <code class="directive">LogFormat</code> directive can take one of two
    forms. In the first form, where only one argument is specified,
    this directive sets the log format which will be used by logs
    specified in subsequent <code class="directive">TransferLog</code>
    directives. The single argument can specify an explicit
    <var>format</var> as discussed in the <a href="#formats">custom log
    formats</a> section above. Alternatively, it can use a
    <var>nickname</var> to refer to a log format defined in a
    previous <code class="directive">LogFormat</code> directive as described
    below.</p>

    <p>The second form of the <code class="directive">LogFormat</code> 
    directive associates an explicit <var>format</var> with a
    <var>nickname</var>. This <var>nickname</var> can then be used in
    subsequent <code class="directive">LogFormat</code> or
    <code class="directive"><a href="#customlog">CustomLog</a></code> directives
    rather than repeating the entire format string. A
    <code class="directive">LogFormat</code> directive that defines a nickname
    <strong>does nothing else</strong> -- that is, it <em>only</em>
    defines the nickname, it doesn't actually apply the format and make
    it the default. Therefore, it will not affect subsequent
    <code class="directive"><a href="#transferlog">TransferLog</a></code> directives.
    In addition, <code class="directive">LogFormat</code> cannot use one nickname
    to define another nickname. Note that the nickname should not contain
    percent signs (<code>%</code>).</p>

    <div class="example"><h3>Example</h3><p><code>
      LogFormat "%v %h %l %u %t \"%r\" %&gt;s %b" vhost_common
    </code></p></div>

</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="TransferLog" id="TransferLog">TransferLog</a> <a name="transferlog" id="transferlog">Directive</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Specify location of a log file</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>TransferLog <var>file</var>|<var>pipe</var></code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_log_config</td></tr>
</table>
    <p>This directive has exactly the same arguments and effect as
    the <code class="directive"><a href="#customlog">CustomLog</a></code>
    directive, with the exception that it does not allow the log format
    to be specified explicitly or for conditional logging of requests.
    Instead, the log format is determined by the most recently specified
    <code class="directive"><a href="#logformat">LogFormat</a></code> directive
    which does not define a nickname. Common Log Format is used if no
    other format has been specified.</p>

    <div class="example"><h3>Example</h3><p><code>
      LogFormat "%h %l %u %t \"%r\" %&gt;s %b \"%{Referer}i\" \"%{User-agent}i\""<br />
      TransferLog logs/access_log
    </code></p></div>

</div>
</div>
<div class="bottomlang">
<p><span>Available Languages: </span><a href="../en/mod/mod_log_config.html" title="English">&nbsp;en&nbsp;</a> |
<a href="../ja/mod/mod_log_config.html" hreflang="ja" rel="alternate" title="Japanese">&nbsp;ja&nbsp;</a></p>
</div><div id="footer">
<p class="apache">Copyright 1999-2004 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>
<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div>
</body></html>