Personal Computer World 2004 March

home *** CD-ROM | disk | FTP | other *** search

/ Personal Computer World 2004 March / PCWMAR04.iso / Software / Resources / Apache / apache_2.0.48-win32-x86-no_ssl.exe / F254350_mod_negotiation.xml.ja < prev next >

Wrap

Text File | 2003-04-15 | 11.0 KB | 272 lines

s.html">Apache Log Files</a></seealso> <section id="formats"><title>Custom Log Formats</title> <p>The format argument to the <directive module="mod_log_config" >LogFormat</directive> and <directive module="mod_log_config" >CustomLog</directive> directives is a string. This string is used to log each request to the log file. It can contain literal characters copied into the log files and the C-style control characters "\n" and "\t" to represent new-lines and tabs. Literal quotes and back-slashes should be escaped with back-slashes.</p> <p>The characteristics of the request itself are logged by placing "<code>%</code>" directives in the format string, which are replaced in the log file by the values as follows:</p> <table border="1" style="zebra"> <columnspec><column width=".2"/><column width=".8"/></columnspec> <tr><th>Format String</th> <th>Description</th></tr> <tr><td><code>%%</code></td> <td>The percent sign (<em>Apache 2.0.44 and later</em>)</td></tr> <tr><td><code>%...a</code></td> <td>Remote IP-address</td></tr> <tr><td><code>%...A</code></td> <td>Local IP-address</td></tr> <tr><td><code>%...B</code></td> <td>Bytes sent, excluding HTTP headers.</td></tr> <tr><td><code>%...b</code></td> <td>Bytes sent, excluding HTTP headers. In CLF format, <em>i.e.</em> a '<code>-</code>' rather than a 0 when no bytes are sent.</td></tr> <tr><td><code>%...{<var>Foobar</var>}C</code></td> <td>The contents of cookie <var>Foobar</var> in the request sent to the server.</td></tr> <tr><td><code>%...D</code></td> <td>The time taken to serve the request, in microseconds.</td></tr> <tr><td><code>%...{<var>FOOBAR</var>}e</code></td> <td>The contents of the environment variable <var>FOOBAR</var></td></tr> <tr><td><code>%...f</code></td> <td>Filename</td></tr> <tr><td><code>%...h</code></td> <td>Remote host</td></tr> <tr><td><code>%...H</code></td> <td>The request protocol</td></tr> <tr><td><code>%...{<var>Foobar</var>}i</code></td> <td>The contents of <code><var>Foobar</var>:</code> header line(s) in the request sent to the server.</td></tr> <tr><td><code>%...l</code></td> <td>Remote logname (from identd, if supplied)</td></tr> <tr><td><code>%...m</code></td> <td>The request method</td></tr> <tr><td><code>%...{<var>Foobar</var>}n</code></td> <td>The contents of note <var>Foobar</var> from another module.</td></tr> <tr><td><code>%...{<var>Foobar</var>}o</code></td> <td>The contents of <code><var>Foobar</var>:</code> header line(s) in the reply.</td></tr> <tr><td><code>%...p</code></td> <td>The canonical port of the server serving the request</td></tr> <tr><td><code>%...P</code></td> <td>The process ID of the child that serviced the request.</td></tr> <tr><td><code>%...{<var>format</var>}P</code></td> <td>The process ID or thread id of the child that serviced the request. Valid formats are <code>pid</code> and <code>tid</code>. (<em>Apache 2.0.46 and later</em>) </td></tr> <tr><td><code>%...q</code></td> <td>The query string (prepended with a <code>?</code> if a query string exists, otherwise an empty string)</td></tr> <tr><td><code>%...r</code></td> <td>First line of request</td></tr> <tr><td><code>%...s</code></td> <td>Status. For requests that got internally redirected, this is the status of the *original* request --- <code>%...>s</code> for the last.</td></tr> <tr><td><code>%...t</code></td> <td>Time, in common log format time format (standard english format)</td></tr> <tr><td><code>%...{<var>format</var>}t</code></td> <td>The time, in the form given by format, which should be in <code>strftime(3)</code> format. (potentially localized)</td></tr> <tr><td><code>%...T</code></td> <td>The time taken to serve the request, in seconds.</td></tr> <tr><td><code>%...u</code></td> <td>Remote user (from auth; may be bogus if return status (<code>%s</code>) is 401)</td></tr> <tr><td><code>%...U</code></td> <td>The URL path requested, not including any query string.</td></tr> <tr><td><code>%...v</code></td> <td>The canonical <directive module="core">ServerName</directive> of the server serving the request.</td></tr> <tr><td><code>%...V</code></td> <td>The server name according to the <directive module="core" >UseCanonicalName</directive> setting.</td></tr> <tr><td><code>%...X</code></td> <td>Connection status when response is completed: <table> <columnspec><column width=".2"/><column width=".6"/></columnspec> <tr><td><code>X</code> =</td> <td>connection aborted before the response completed.</td></tr> <tr><td><code>+</code> =</td> <td>connection may be kept alive after the response is sent.</td></tr> <tr><td><code>-</code> = </td> <td>connection will be closed after the response is sent.</td></tr> </table> <p>(This directive was <code>%...c</code> in late versions of Apache 1.3, but this conflicted with the historical ssl <code>%...{<var>var</var>}c</code> syntax.)</p></td></tr> <tr><td><code>%...I</code></td> <td>Bytes received, including request and headers, cannot be zero. You need to enable <module>mod_logio</module> to use this.</td></tr> <tr><td><code>%...O</code></td> <td>Bytes sent, including headers, cannot be zero. You need to enable <module>mod_logio</module> to use this.</td></tr> </table> <p>The "<var>...</var>" can be nothing at all (<em>e.g.</em>, <code>"%h %u %r %s %b"</code>), or it can indicate conditions for inclusion of the item (which will cause it to be replaced with "-" if the condition is not met). The forms of condition are a list of HTTP status codes, which may or may not be preceded by "!". Thus, "%400,501{User-agent}i" logs <code>User-agent:</code> on 400 errors and 501 errors (Bad Request, Not Implemented) only; "%!200,304,302{Referer}i" logs <code>Referer:</code> on all requests which did <em>not</em> return some sort of normal status.</p> <p>Note that in httpd 2.0 versions prior to 2.0.46, no escaping was performed on the strings from <code>%...r</code>, <code>%...i</code> and <code>%...o</code>. This was mainly to comply with the requirements of the Common Log Format. This implied that clients could insert control characters into the log, so you had to be quite careful when dealing with raw log files.</p> <p>For security reasons, starting with 2.0.46, non-printable and other special characters are escaped mostly by using <code>\x<var>hh</var></code> sequences, where <var>hh</var> stands for the hexadecimal representation of the raw byte. Exceptions from this rule are <code>"</code> and <code>\</code> which are escaped by prepending a backslash, and all whitespace characters which are written in their C-style notation (<code>\n</code>, <code>\t</code> etc).</p> <p>Some commonly used log format strings are:</p> <dl> <dt>Common Log Format (CLF)</dt> <dd><code>"%h %l %u %t \"%r\" %>s %b"</code></dd> <dt>Common Log Format with Virtual Host</dt> <dd><code>"%v %h %l %u %t \"%r\" %>s %b"</code></dd> <dt>NCSA extended/combined log format</dt> <dd><code>"%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\""</code></dd> <dt>Referer log format</dt> <dd><code>"%{Referer}i -> %U"</code></dd> <dt>Agent (Browser) log format</dt> <dd><code>"%{User-agent}i"</code></dd> </dl> <p>Note that the canonical <directive module="core" >ServerName</directive> and <directive module="mpm_common" >Listen</directive> of the server serving the request are used for <code>%v</code> and <code>%p</code> respectively. This happens regardless of the <directive module="core">UseCanonicalName</directive> setting because otherwise log analysis programs would have to duplicate the entire vhost matching algorithm in order to decide what host really served the request.</p> </section> <section id="security"><title>Security Considerations</title> <p>See the <a href="../misc/security_tips.html#serverroot">security tips</a> document for details on why your security could be compromised if the directory where logfiles are stored is writable by anyone other than the user that starts the server.</p> </section> <directivesynopsis> <name>CookieLog</name> <description>Sets filename for the logging of cookies</description> <syntax>CookieLog <var>filename</var></syntax> <contextlist><context>server config</context><context>virtual host</context> </contextlist> <compatibility>This directive is deprecated.</compatibility> <usage> <p>The <directive>CookieLog</directive> directive sets the filename for logging of cookies. The filename is relative to the <directive module="core">ServerRoot</directive>. This directive is included only for compatibility with <code>mod_cookies</code>, and is deprecated.</p> </usage> </directivesynopsis> <directivesynopsis> <name>CustomLog</name> <description>Sets filename and format of log file</description> <syntax>CustomLog <var>file</var>|<var>pipe</var> <var>format</var>|<var>nickname</var> [env=[!]<var>environment-variable</var>]</syntax> <contextlist><context>server config</context><context>virtual host</context> </contextlist> <usage> <p>The <directive>CustomLog</directive> directive is used to log requests to the server. A log format is specified, and the logging can optionally be made conditional on request characteristics using environment variables.</p> <p>The first argument, which specifies the location to which the logs will be written, can take one of the following two types of values:</p> <dl> <dt><var>file</var></dt> <dd>A filename, relative to the <directive module="core" >ServerRoot</directive>.</dd> <dt><var>pipe</var></dt> <dd>The pipe character "<code>|</code>", followed by the path to a program to receive the log information on its standard input. <note type="warning"><title>Security:</title> <p>If a program is used, then it will be run as the user who started httpd. This will be root if the server was started by root; be sure that the program is secure.</p> </note> <note type="warning"><title>Note</title> <p>When entering a file path on non-Unix platforms, care should be taken