Analysis of Tomcat access logs

<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"                 prefix="localhost_access_log." suffix=".txt" pattern="%s %D %t %a %U" fileDateFormat="yyyy-MM-dd.HH" resolveHosts="false"/>

The preceding logs record that the IP address filedateformat of the HTTP status code for a long time is saved every hour. . The default value is one day. Because the log is too large, it is generated every hour. Debugging is complete and you need to disable it.

Tomcat access logs rely on Org. apache. catalina. valves. accesslogvalve to control, you can modify $ tomcat/CONF/server. XML to enable it ($ Tomcat is the directory installed by Tomcat ). Accesslogvalve should be commented out by default. Simply comment it out and restart tomcat.

The following is the default tomcat configuration:

<Valve classname = "org. Apache. Catalina. Valves. accesslogvalve" <p = ""> </valve classname = "org. Apache. Catalina. Valves. accesslogvalve" <>

Directory = "logs" prefix = "localhost_access_log." suffix1_.txt"

Pattern = "common" resolvehosts = "false"/>

You can set the directory for storing logs, the prefix of the log file name, the suffix (suffix), and the specific log format. Save the directory. The prefix and suffix of the file name are very simple. Generally, the default setting is fine. For performance considerations, resolvehost is generally set to false. However, the access log format (pattern) has many options for you to choose from. Some basic log format items are listed below:

% A-remote IP Address)

% A-local IP Address)

% B-Number of sent bytes, excluding the HTTP header. If the value is 0 bytes, '-' (Bytes Sent, excluding HTTP headers, or '-' if no bytes is displayed.

Were sent)

% B-Number of sent bytes, excluding the HTTP header (Bytes Sent, excluding HTTP headers)

% H-remote host name)

% H-specific request protocol, HTTP/1.0 or HTTP/1.1 (Request Protocol)

% L-remote username, always '-' (Remote logical username from identd (always returs '-'))

% M-Request Method, get, post, put (Request Method)

% P-local port)

% Q-query string (prepended with '? 'If it exists, otherwise

An empty string)

% R-first line of the request in the HTTP request)

% S-HTTP status code (HTTP status code of the response)

% S-user session ID (user session ID)

% T-access date and time (date and time, in common log format)

% U-the authenticated remote user that was authenticated

% U-request URL path (requested URL path)

% V-local server name)

% D-time taken to process the request, in millis)

% T-time taken to process the request, in seconds)

You can use any combination of the above to customize your access log format, or you can use the following two aliases common and combined to specify the commonly used log format:

Common-% H % L % u % t "% R" % S % B

Combined-

% H % L % u % t "% R" % S % B "% {Referer} I" "% {User-Agent} I"

In addition, you can also write the cookie, the incoming header in the client request, the data in the session or servletrequest to the Tomcat access log, you can use the following syntax for reference.

% {XXX} I-record the HTTP header XXX (incoming headers) contained in the client request)

% {XXX} c-record specific cookie xxx

% {XXX} r-record the xxx attribute in servletrequest)

% {XXX} s-record the xxx attribute in httpsession)

For example, the following is an actual access log format Configuration:

<Valve classname = "org. Apache. Catalina. Valves. accesslogvalve" <p = ""> </valve classname = "org. Apache. Catalina. Valves. accesslogvalve" <>

Directory = "logs" prefix = "phone_access_log." suffix1_.txt"

Pattern = "% H % L % T % R % S % B % {Referer} I % {User-Agent} I msisdn =%{ X-Up-calling-line -ID} I "resolvehosts =" false "/>

The log format (pattern) specified as "% H % L % T % R % S % B % {Referer} I % {User-Agent} I msisdn =%{ X-Up-calling-line -ID} I ", the actual access log will include:

% H-remote host name

% L-remote user name, always '-'

% T-the number of seconds it takes to process the request

% T-access date and time

% R-the first line in the HTTP request

% S-HTTP status code

% B-Number of sent bytes, excluding the HTTP header (0 bytes are displayed '-')

% {Referer} I-Referer URL

% {User-Agent} I-User Agent

Msisdn =%{ X-Up-calling-line-ID} I-mobile phone number

The actual access log is as follows:

Xxx. xxx. XX. xxx-0.270 [14/JUL/2008: 13: 10: 53 + 0800] Post/phone/XXX/gprs http/1.1 200-sonyericssonw890i/r1ea profile/MIDP-2.1 configuration/CLDC-1.1 msisdn = 91812

... ...

Xxx. xxx. XX. xxx-0.083 [14/JUL/2008: 21: 20: 55 + 0800] Post/phone/XXX/gprs http/1.1 200-sonyericssonw910i/r1fa profile/MIDP-2.1 configuration/CLDC-1.1 msisdn = 404

Source:

Analysis of Tomcat access logs