Apache log


Log Files:

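  • A web log is a record file that the server generates automatically while it runs; it records the server's past activity.
  • More precisely, it is a server log rather than a web log.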

Security Warning:

  • In addition, log files may contain information supplied directly by the client, without escaping.

  • Therefore, it is possible for malicious clients to insert control-characters in the log files, so care must be taken in dealing with raw logs.

Raw logs are not escaped, so be careful when handling them.
I have had a front end pop up an alert box while displaying raw logs.
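One way to neutralize a raw log line before it is printed to a terminal or embedded in a web log viewer, as an added example that is not part of the original notes. The function name `neutralize_log_line` and the sample line are constructed for illustration.

```python
import html

def neutralize_log_line(raw: bytes) -> str:
    """Return a log line that is safe to print to a terminal or embed in HTML."""
    # Decode without raising: invalid bytes become U+FFFD instead of crashing the viewer.
    text = raw.decode("utf-8", errors="replace").rstrip("\r\n")
    out = []
    for ch in text:
        code = ord(ch)
        # C0 controls (ESC, CR, LF, TAB, ...), DEL and C1 controls are made visible
        # as \xNN so they cannot drive the terminal or forge extra log lines.
        if code < 0x20 or 0x7F <= code <= 0x9F:
            out.append(f"\\x{code:02x}")
        else:
            out.append(ch)
    # HTML-escape last, so markup supplied by the client renders as plain text.
    return html.escape("".join(out), quote=True)

# Constructed sample: markup in the request path and an ESC sequence in the User-Agent.
SAMPLE_RAW = (
    b'127.0.0.1 - - [10/Oct/2000:13:55:36 -0700] '
    b'"GET /<script>alert(1)</script> HTTP/1.0" 404 209 "-" "\x1b[2Jcurl"\n'
)

if __name__ == "__main__":
    print(neutralize_log_line(SAMPLE_RAW))
```
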


Error Log:

  • The server error log, whose name and location is set by the ErrorLog directive, is the most important log file.
  • This is the place where Apache httpd will **send diagnostic information and record any errors** that it encounters in processing requests.
  • It is the first place to look when a problem occurs with starting the server or with the operation of the server, since it will often contain details of what went wrong and how to fix it.
  • A very wide variety of different messages can appear in the error log. Most look similar to the example above.
  • The error log will also contain debugging output from CGI scripts. Any information written to stderr by a CGI script will be copied directly to the error log.

Debugging


Per-module logging:

  • The LogLevel directive allows you to specify a log severity level on a per-module basis.
  • In this way, if you are troubleshooting a problem with just one particular module, you can turn up its logging volume without also getting the details of other modules that you’re not interested in.

Access Log

  • The server access log records all requests processed by the server.
  • Of course, storing the information in the access log is only the start of log management.
  • The next step is to analyze this information to produce useful statistics.

  • The format of the access log is highly configurable.


Common Log Format:

The Common Log Format,[1] also known as the NCSA Common log format,[2] (after NCSA HTTPd) is a standardized text file format used by web servers when generating server log files. Because the format is standardized, the files can be readily analyzed by a variety of web analysis programs, for example Webalizer and Analog.

  • A typical configuration for the access log might look as follows.

    • LogFormat "%h %l %u %t \"%r\" %>s %b" common
    • CustomLog "logs/access_log" common
  • The format string consists of percent directives, each of which tells the server to log a particular piece of information.


Example:

127.0.0.1 user-identifier frank [10/Oct/2000:13:55:36 -0700] "GET /apache_pb.gif HTTP/1.0" 200 2326

  • 127.0.0.1 (%h)

    • This is the IP address of the client (remote host) which made the request to the server.
    • If HostnameLookups is set to On, then the server will try to determine the hostname and log it in place of the IP address. However, this configuration is not recommended since it can significantly slow the server.
    • The IP address reported here is not necessarily the address of the machine at which the user is sitting. If a proxy server exists between the user and the server, this address will be the address of the proxy, rather than the originating machine.
  • - (%l)

    • The “hyphen” in the output indicates that the requested piece of information is not available. In this case, the information that is not available is the RFC 1413 identity of the client determined by identd on the client's machine.
    • This information is highly unreliable and should almost never be used except on tightly controlled internal networks. Apache httpd will not even attempt to determine this information unless IdentityCheck is set to On.
  • frank (%u):

    • This is the userid of the person requesting the document as determined by HTTP authentication. The same value is typically provided to CGI scripts in the REMOTE_USER environment variable. If the status code for the request (see below) is 401, then this value should not be trusted because the user is not yet authenticated. If the document is not password protected, this part will be “-” just like the previous one.
  • [10/Oct/2000:13:55:36 -0700] (%t)

  • "GET /apache_pb.gif HTTP/1.0" (\"%r\")

    • The request line from the client is given in double quotes. The request line contains a great deal of useful information. First, the method used by the client is GET. Second, the client requested the resource /apache_pb.gif, and third, the client used the protocol HTTP/1.0.
  • 200 (%>s)

    • This is the status code that the server sends back to the client.
    • This information is very valuable, because it reveals whether the request resulted in a successful response (codes beginning in 2), a redirection (codes beginning in 3), an error caused by the client (codes beginning in 4), or an error in the server (codes beginning in 5).
  • 2326 (%b)

    • The last part indicates the size of the object returned to the client, not including the response headers.
    • If no content was returned to the client, this value will be “-”.

Usage:

Log files are a standard tool for computer systems developers and administrators. They record the “what happened when by whom” of the system. This information can record faults and help their diagnosis. It can identify security breaches and other computer misuse. It can be used for auditing. It can be used for accounting purposes.

The information stored is only available for later analysis if it is stored in a form that can be analysed. This data can be structured in many ways for analysis.

For example, storing it in a relational database would force the data into a query-able format. However, it would also make it more difficult to retrieve if the computer crashed, and logging would not be available unless the database was available. A plain text format minimises dependencies on other system processes, and assists logging at all phases of computer operation, including start-up and shut-down, where such processes might be unavailable.


Combined Log Format:

Another commonly used format string is called the Combined Log Format. It can be used as follows.

  • LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" combined
  • CustomLog "log/access_log" combined

This format is exactly the same as the Common Log Format, with the addition of two more fields.

Example:

127.0.0.1 - frank [10/Oct/2000:13:55:36 -0700] "GET /apache_pb.gif HTTP/1.0" 200 2326 "http://www.example.com/start.html" "Mozilla/4.08 [en] (Win98; I ;Nav)"

  • "http://www.example.com/start.html" (\"%{Referer}i\")
    • The “Referer” (sic) HTTP request header. This gives the site that the client reports having been referred from. (This should be the page that links to or includes /apache_pb.gif).
  • "Mozilla/4.08 [en] (Win98; I ;Nav)" (\"%{User-agent}i\")
    • The User-Agent HTTP request header. This is the identifying information that the client browser reports about itself.
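A parser for the Common and Combined formats walked through above, added here as an example and not taken from the original page or from Apache httpd. The function name, the `user_trusted` field and the third sample line are assumptions for illustration; it assumes the exact LogFormat strings shown and no embedded spaces in %h, %l and %u.

```python
import re
from datetime import datetime

# Common Log Format; the two Combined fields are optional at the end.
# Quoted fields tolerate backslash-escaped characters such as \" inside them.
LINE_RE = re.compile(
    r'^(?P<host>\S+) (?P<ident>\S+) (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<request>(?:[^"\\]|\\.)*)" (?P<status>\d{3}) (?P<size>\d+|-)'
    r'(?: "(?P<referer>(?:[^"\\]|\\.)*)" "(?P<agent>(?:[^"\\]|\\.)*)")?$'
)

def parse_access_line(line: str):
    """Parse one Common/Combined line into a dict, or return None if malformed."""
    m = LINE_RE.match(line.rstrip("\r\n"))
    if m is None:
        return None
    rec = m.groupdict()
    rec["time"] = datetime.strptime(rec["time"], "%d/%b/%Y:%H:%M:%S %z")  # %t
    rec["status"] = int(rec["status"])                                    # %>s
    rec["size"] = 0 if rec["size"] == "-" else int(rec["size"])           # %b
    # "-" means "not available" for %l, %u and the two header fields.
    for key in ("ident", "user", "referer", "agent"):
        if rec[key] == "-":
            rec[key] = None
    # On a 401 the user name was supplied but not yet authenticated.
    rec["user_trusted"] = rec["user"] is not None and rec["status"] != 401
    # The request line is client-controlled, so do not assume three parts.
    parts = rec["request"].split(" ")
    if len(parts) == 3:
        rec["method"], rec["path"], rec["protocol"] = parts
    else:
        rec["method"] = rec["path"] = rec["protocol"] = None
    return rec

# The first two lines are the page's own examples; the third is constructed.
COMMON = ('127.0.0.1 user-identifier frank [10/Oct/2000:13:55:36 -0700] '
          '"GET /apache_pb.gif HTTP/1.0" 200 2326')
COMBINED = ('127.0.0.1 - frank [10/Oct/2000:13:55:36 -0700] '
            '"GET /apache_pb.gif HTTP/1.0" 200 2326 '
            '"http://www.example.com/start.html" "Mozilla/4.08 [en] (Win98; I ;Nav)"')
UNAUTH = '127.0.0.1 - mallory [10/Oct/2000:13:55:40 -0700] "GET /private HTTP/1.0" 401 -'

if __name__ == "__main__":
    for sample in (COMMON, COMBINED, UNAUTH):
        print(parse_access_line(sample))
```
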


Reposted from blog.csdn.net/qq_28921653/article/details/80560506