Networking / Beginners

Apache Logging

Several directives in the Red Hat httpd.conf file configure logging. The ErrorLog directive defines the path of the error log file. Use the error log to detect failures. Review the error log at least once a day and look for problems. To keep a close eye on the file while you're logged-in, use the tail command with the -f option:

$ tail -l 1 -f /var/log/httpd/apache/error_log

The tail -l 1 command prints the last record in the error file, and the -f option keeps the tail process running so that you will see any record as it is written to the file. This allows you to monitor the file in real time.

The LogLevel directive defines what types of events are written to the error log. The Red Hat configuration specifies that warnings and other more critical errors are to be written to the log. There are eight possible LogLevel settings: debug, info, notice, warn, error, crit, alert, and emerg. The log levels are cumulative. debug provides debugging information and all other types of logging. warn provides warnings, errors, critical messages, alerts, and emergency messages. debug causes the file to grow at a very rapid rate. emerg keeps the file small, but only notifies you of disasters. warn is a good compromise between enough detail and too much detail.

The TransferLog directive defines the path to the log in which httpd writes information about server activity. Just as important as errors, the logs provide information about who is using your server, how much it is being used, and how well it is servicing the users. Use the transfer log to monitor activity and performance. Web servers are used to distribute information. If no one wants or uses the information, you need to know it. Much of the logging configuration controls what activity is logged, as well as where it is logged.

The LogFormat directives define the format of log file entries. The files that these entries are written to are defined by the CustomLog directives. In the default Red Hat configuration, there are four active LogFormat directives and one active CustomLog directive:

CustomLog logs/access_log combined
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\"
A\"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent

Notice that a CustomLog statement and an associated LogFormat statement end with the same label. This label is an arbitrary name used to bind the format and the file together. In the example, the LogFormat that ends with the label "combined" is the format linked to the CustomLog directive. The LogFormat directives have a complex syntax.

[Previous] [Contents] [Next]

In this tutorial:

  1. Apache Web Server
  2. Installing Apache
  3. Running httpd
  4. Configuring the Apache Server
  5. The httpd.conf File
  6. Loading Dynamic Shared Objects
  7. Basic Server Directives
  8. Multi-Homed Server Configuration
  9. Defining Where Things Are Stored
  10. Creating a Fancy Index
  11. Defining File Types
  12. Managing Child Processes
  13. Performance Tuning Directives
  14. Caching Directives
  15. Defining Virtual Hosts
  16. Web Server Security
  17. The CGI and SSI Threat
  18. Server Options for Documents and Directories
  19. Directory-Level Configuration Controls
  20. Defining Access Controls
  21. Requiring User Authentication
  22. High-Performance User Authentication
  23. Configuring SSL
  24. Managing Your Web Server
  25. Monitoring Your Server
  26. Apache Logging
  27. Defining Log Formats
  28. Using Conditional Logging