--- /dev/null
+<?xml version="1.0"?>
+<?xml-stylesheet type="text/xsl" href="../style/manual.xsl"?>
+<modulesynopsis>
+
+<name>mod_log_config</name>
+<status>Base</status>
+<identifier>log_config_module</identifier>
+<compatibility></compatibility>
+
+<description>This module provides for logging of the requests
+made to the server, using the Common Log Format or a
+user-specified format.</description>
+
+<summary>
+
+ <p>This module provides for flexible logging of client
+ requests. Logs are written in a customizable format, and may be
+ written directly to a file, or to an external program.
+ Conditional logging is provided so that individual requests may
+ be included or excluded from the logs based on characteristics
+ of the request.</p>
+
+ <p>Three directives are provided by this module:
+ <code>TransferLog</code> to create a log file,
+ <code>LogFormat</code> to set a custom format, and
+ <code>CustomLog</code> to define a log file and format in one
+ step. The <code>TransferLog</code> and <code>CustomLog</code>
+ directives can be used multiple times in each server to cause
+ each request to be logged to multiple files.</p>
+
+<seealso><strong>See also</strong>:
+<a href="../logs.html">Apache Log Files</a>.</seealso>
+
+<section>
+<title>Custom Log Formats</title>
+
+ <p>The format argument to the <code>LogFormat</code> and
+ <code>CustomLog</code> directives is a string. This string is
+ logged to the log file for each request. It can contain literal
+ characters copied into the log files and the c-type control
+ characters "\n" and "\t" to represent new-lines and tabs.
+ Literal quotes and back-slashes should be escaped with
+ back-slashes.</p>
+
+ <p>The characteristics of the request itself are logged by
+ placing "%" directives in the format string, which are replaced
+ in the log file by the values as follows:</p>
+
+<table>
+
+<tr><td>%...a:</td>
+<td>Remote IP-address</td></tr>
+
+<tr><td>%...A:</td>
+<td>Local IP-address</td></tr>
+
+<tr><td>%...B:</td>
+<td>Bytes sent, excluding HTTP headers.</td></tr>
+
+<tr><td>%...b:</td>
+<td>Bytes sent, excluding HTTP headers. In CLF format
+i.e. a '-' rather than a 0 when no bytes are sent.</td></tr>
+
+<tr><td>%...{Foobar}C:</td>
+<td>The contents of cookie "Foobar" in the request sent to the server.</td></tr>
+
+<tr><td>%...D:</td>
+<td>The time taken to serve the request, in microseconds.</td></tr>
+
+<tr><td>%...{FOOBAR}e:</td>
+<td>The contents of the environment variable FOOBAR</td></tr>
+
+<tr><td>%...f:</td>
+<td>Filename</td></tr>
+
+<tr><td>%...h:</td>
+<td>Remote host</td></tr>
+
+<tr><td>%...H</td>
+<td>The request protocol</td></tr>
+
+<tr><td>%...{Foobar}i:</td>
+<td>The contents of Foobar: header line(s) in the request
+sent to the server.</td></tr>
+
+<tr><td>%...l:</td>
+<td>Remote logname (from identd, if supplied)</td></tr>
+
+<tr><td>%...m:</td>
+<td>The request method</td></tr>
+
+<tr><td>%...{Foobar}n:</td>
+<td>The contents of note "Foobar" from another module.</td></tr>
+
+<tr><td>%...{Foobar}o:</td>
+<td>The contents of Foobar: header line(s) in the reply.</td></tr>
+
+<tr><td>%...p:</td>
+<td>The canonical Port of the server serving the request</td></tr>
+
+<tr><td>%...P:</td>
+<td>The process ID of the child that serviced the request.</td></tr>
+
+<tr><td>%...q:</td>
+<td>The query string (prepended with a ? if a query string exists,
+otherwise an empty string)</td></tr>
+
+<tr><td>%...r:</td>
+<td>First line of request</td></tr>
+
+<tr><td>%...s:</td>
+<td>Status. For requests that got internally redirected, this is
+the status of the *original* request --- %...>s for the last.</td></tr>
+
+<tr><td>%...t:</td>
+<td>Time, in common log format time format (standard english format)</td></tr>
+
+<tr><td>%...{format}t:</td>
+<td>The time, in the form given by format, which should
+be in strftime(3) format. (potentially localized)</td></tr>
+
+<tr><td>%...T:</td>
+<td>The time taken to serve the request, in seconds.</td></tr>
+
+<tr><td>%...u:</td>
+<td>Remote user (from auth; may be bogus if return status (%s) is 401)</td></tr>
+
+<tr><td>%...U:</td>
+<td>The URL path requested, not including any query string.</td></tr>
+
+<tr><td>%...v:</td>
+<td>The canonical ServerName of the server serving the request.</td></tr>
+
+<tr><td>%...V:</td>
+<td>The server name according to the UseCanonicalName setting.</td></tr>
+
+<tr><td>%...X:</td>
+<td>Connection status when response is completed.
+<example>
+'X' = connection aborted before the response completed.<br />
+'+' = connection may be kept alive after the response is sent.<br />
+'-' = connection will be closed after the response is sent.
+</example>
+(This directive was %...c in late versions of Apache 1.3, but
+this conflicted with the historical ssl %...{var}c syntax.)</td></tr>
+
+</table>
+
+ <p>The "..." can be nothing at all (<em>e.g.</em>, <code>"%h %u
+ %r %s %b"</code>), or it can indicate conditions for inclusion
+ of the item (which will cause it to be replaced with "-" if the
+ condition is not met). The forms of condition are a list of
+ HTTP status codes, which may or may not be preceded by "!".
+ Thus, "%400,501{User-agent}i" logs User-agent: on 400 errors
+ and 501 errors (Bad Request, Not Implemented) only;
+ "%!200,304,302{Referer}i" logs Referer: on all requests which
+ did <strong>not</strong> return some sort of normal status.</p>
+
+ <p>Note that there is no escaping performed on the strings from
+ %...r, %...i and %...o. This is mainly to comply with the
+ requirements of the Common Log Format. This implies that
+ clients can insert control characters into the log, so care
+ should be taken when dealing with raw log files.</p>
+
+ <p>Some commonly used log format strings are:</p>
+
+ <dl>
+ <dt>Common Log Format (CLF)</dt>
+
+ <dd><code>"%h %l %u %t \"%r\" %>s %b"</code></dd>
+
+ <dt>Common Log Format with Virtual Host</dt>
+
+ <dd><code>"%v %h %l %u %t \"%r\" %>s %b"</code></dd>
+
+ <dt>NCSA extended/combined log format</dt>
+
+ <dd><code>"%h %l %u %t \"%r\" %>s %b \"%{Referer}i\"
+ \"%{User-agent}i\""</code></dd>
+
+ <dt>Referer log format</dt>
+
+ <dd><code>"%{Referer}i -> %U"</code></dd>
+
+ <dt>Agent (Browser) log format</dt>
+
+ <dd><code>"%{User-agent}i"</code></dd>
+ </dl>
+
+ <p>Note that the canonical <a
+ href="core.html#servername">ServerName</a> and <a
+ href="mpm_common.html#listen">Listen</a> of the server serving the
+ request are used for <code>%v</code> and <code>%p</code>
+ respectively. This happens regardless of the <a
+ href="core.html#usecanonicalname">UseCanonicalName</a> setting
+ because otherwise log analysis programs would have to duplicate
+ the entire vhost matching algorithm in order to decide what
+ host really served the request.</p>
+ </section>
+
+ <section>
+
+ <title>Security Considerations</title>
+
+ <p>See the <a
+ href="../misc/security_tips.html#serverroot">security tips</a>
+ document for details on why your security could be compromised
+ if the directory where logfiles are stored is writable by
+ anyone other than the user that starts the server.</p>
+
+ </section>
+
+</summary>
+
+<directivesynopsis>
+<name>CookieLog</name>
+<description>Sets filename for the logging of cookies</description>
+<syntax>CookieLog <em>filename</em></syntax>
+<default><i>none</i></default>
+<contextlist><context>server config</context><context>virtual
+host</context></contextlist>
+<compatibility>Only available in Apache 1.2 and above</compatibility>
+
+<usage>
+
+ <p>The <directive>CookieLog</directive> directive sets the
+ filename for logging of cookies. The filename is relative to the
+ <directive module="core">serverroot</directive>. This directive is
+ included only for compatibility with <module>mod_cookies</module>,
+ and is deprecated.</p>
+</usage>
+
+</directivesynopsis>
+
+<directivesynopsis>
+<name>CustomLog</name>
+<description>Sets filename and format of log file</description>
+<syntax>CustomLog
+ <em>file</em>|<em>pipe</em> <em>format</em>|<em>nickname</em>
+ [env=[!]<em>environment-variable</em>]</syntax>
+<default><i>none</i></default>
+<contextlist><context>server config</context><context>virtual
+host</context></contextlist>
+<compatibility>Nickname only available in Apache 1.3 or later.
+Conditional logging available in 1.3.5 or later.</compatibility>
+
+
+<usage>
+ <p>The <directive>CustomLog</directive> directive is used to
+ log requests to the server. A log format is specified, and the
+ logging can optionally be made conditional on request
+ characteristics using environment variables.</p>
+
+ <p>The first argument, which specifies the location to which
+ the logs will be written, can take on one of the following two
+ types of values:</p>
+
+ <dl>
+ <dt><em>file</em></dt>
+
+ <dd>A filename, relative to the <a
+ href="core.html#serverroot">ServerRoot</a>.</dd>
+
+ <dt><em>pipe</em></dt>
+
+ <dd>The pipe character "<code>|</code>", followed by the path
+ to a program to receive the log information on its standard
+ input. <strong>Security:</strong> if a program is used, then
+ it will be run under the user who started httpd. This will be
+ root if the server was started by root; be sure that the
+ program is secure.</dd>
+ </dl>
+
+ <p>The second argument specifies what will be written to the
+ log file. It can specify either a <em>nickname</em> defined by
+ a previous <a href="#logformat">LogFormat</a> directive, or it
+ can be an explicit <em>format</em> string as described in the
+ <a href="#formats">log formats</a> section.</p>
+
+ <p>For example, the following two sets of directives have
+ exactly the same effect:</p>
+
+<example>
+ # CustomLog with format nickname<br />
+ LogFormat "%h %l %u %t \"%r\" %>s %b" common<br />
+ CustomLog logs/access_log common<br />
+<br />
+ # CustomLog with explicit format string<br />
+ CustomLog logs/access_log "%h %l %u %t \"%r\" %>s %b"<br />
+</example>
+
+ <p>The third argument is optional and allows the decision on
+ whether or not to log a particular request to be based on the
+ presence or absence of a particular variable in the server
+ environment. If the specified <a href="../env.html">environment
+ variable</a> is set for the request (or is not set, in the case
+ of a '<code>env=!<em>name</em></code>' clause), then the
+ request will be logged.</p>
+
+ <p>Environment variables can be set on a <em>per</em>-request
+ basis using the <module>mod_setenvif</module>
+ and/or <module>mod_rewrite</module> modules. For
+ example, if you don't want to record requests for all GIF
+ images on your server in a separate logfile but not your main
+ log, you can use:</p>
+
+<example>
+ SetEnvIf Request_URI \.gif$ gif-image<br />
+ CustomLog gif-requests.log common env=gif-image<br />
+ CustomLog nongif-requests.log common env=!gif-image
+</example>
+</usage>
+
+</directivesynopsis>
+
+<directivesynopsis>
+<name>LogFormat</name>
+<description>Describes a format for use in a log file</description>
+<syntax>LogFormat
+ <em>format</em>|<em>nickname</em> [<em>nickname</em>]</syntax>
+<default><i>none</i></default>
+<contextlist><context>server config</context><context>virtual
+host</context></contextlist>
+<compatibility>Nickname only available in Apache 1.3 or later.
+</compatibility>
+
+<usage>
+ <p>This directive specifies the format of the access log
+ file.</p>
+
+ <p>The <directive>LogFormat</directive> directive can take one of two
+ forms. In the first form, where only one argument is specified,
+ this directive sets the log format which will be used by logs
+ specified in subsequent <directive>TransferLog</directive>
+ directives. The single argument can specify an explicit
+ <em>format</em> as discussed in <a href="#formats">custom log
+ formats</a> section above. Alternatively, it can use a
+ <em>nickname</em> to refer to a log format defined in a
+ previous <directive>LogFormat</directive> directive as described
+ below.</p>
+
+ <p>The second form of the <directive>LogFormat</directive>
+ directive associates an explicit <em>format</em> with a
+ <em>nickname</em>. This <em>nickname</em> can then be used in
+ subsequent <directive>LogFormat</directive> or
+ <directive>CustomLog</directive> directives rather than
+ repeating the entire format string. A
+ <directive>LogFormat</directive>
+ directive which defines a nickname <strong>does nothing
+ else</strong> -- that is, it <em>only</em> defines the
+ nickname, it doesn't actually apply the format and make it the
+ default. Therefore, it will not affect subsequent
+ <directive>TransferLog</directive> directives.</p>
+
+</usage>
+</directivesynopsis>
+
+<directivesynopsis>
+
+<name>TransferLog</name>
+<description>Specifly location of a log file</description>
+<syntax>TransferLog <em>file</em>|<em>pipe</em></syntax>
+<default><i>none</i></default>
+<contextlist><context>server config</context><context>virtual
+host</context></contextlist>
+<compatibility></compatibility>
+
+<usage>
+
+ <p>This directive has exactly the same arguments and effect as
+ the <directive>CustomLog</directive> directive, with the
+ exception that it does not allow the log format to be specified
+ explicitly or for conditional logging of requests. Instead, the
+ log format is determined by the most recently specified
+ specified <directive>LogFormat</directive> directive (which
+ does not define a nickname). Common Log Format is used if no
+ other format has been specified.</p>
+
+ <p>Example:</p>
+<example>
+ LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\""<br />
+ TransferLog logs/access_log
+</example>
+
+</usage>
+
+</directivesynopsis>
+
+</modulesynopsis>