Introduction
The Apache Web server can be configured to give the server administrator important information about what it is functioning And what issues, if any, need to be addressed.
The main avenue for providing feedback to the administrator are through the use of the log files. Apache have a very configurable logging mechanism that can is used to output messages to different places based on instruct Ions.
In the This guide, we'll look at what to utilize Apache's logging functionality to set up structured, easy-to-parse logs. We'll be the using a default Apache2 installation on an Ubuntu 12.04 VPS. Other distributions should operate in a similar fashion.
Apache Log Levels
Apache separates all informational messages to categories depending on how important it considers the information.
For instance, the most important messages, considered emergencies, Apache designates the log level as "Emerg". The "info" tag, on the other hand, just shows helpful information so can be useful to look at occasionally.
Here is the log levels this Apache recognizes, from most important to least:
- Emerg:emergency situations where the system is a unusable state.
- Alert:severe situation where action is needed promptly.
- Crit:important problems that need to be addressed.
- Error:an Error has occurred. Something was unsuccessful.
- Warn:something out of the ordinary happened, and not a cause for concern.
- Notice:something Normal, but worth noting have happened.
- Info:an informational message that might is nice to know.
- Debug:debugging information that can was useful to pinpoint where a problem is occurring.
- TRACE[1-8]: Tracing information of various levels of verbosity that produces a large amount of information.
When you specify a log level and you were not choosing to log the messages labeled in that category, you are choosing the LEAs T important level, wish to log.
This means, levels above the selected level is also logged. For example, if choose the ' Warn ' log level, messages tagged with warn, error, crit, alert, and Emerg'll all be Logg Ed.
We Specify the level of logging desired with the "LogLevel" directive. We can see the default log level in the default configuration file:
sudo nano/etc/apache2/apache2.conf
. . . LogLevel warn ...
As can see, by default, we had Apache configured to log messages with a priority of "warn" and above. We'll learn where Apache logs its messages in the following section.
Where does Apache Keep its Logs?
Apache can is told where to place its logs using server-wide logging specifications. You can also configure logging individually for each separate virtual host.
Server-wide Logging
To find out where the server logs information by default, we can open the default configuration file. On Ubuntu, this is "/etc/apache2/apache2.conf":
sudo nano/etc/apache2/apache2.conf
If We search the file, we can find a line which looks like this:
Errorlog ${apache_log_dir}/error.log
This directive names the file where Apache would keep its error messages. As can see, it utilizes a environmental variable called "Apache_log_dir" to get the prefix of the directory path.
We can find out what the "Apache_log_dir" are set to by examining a different file, the aptly-named "envvars" file:
sudo nano/etc/apache2/envvars
... export Apache_log_dir=/var/log/apache2$suffix ...
We can see in this line, and that the "apache_log_dir" variable are set to the directory "/var/log/apache2". This means if combined with the directive in the "apache2.conf" file, Apache would log into a file called "/var/log/ Apache2/error.log ":
sudo ls/var/log/apache2
Access.log error.log other_vhosts_access.log
We can see the Error.log file and some other logs files as well.
Virtual Host Logging
The "Access.log" file at the end of the ' previous section ' is ' not ' configured in the ' apache2.conf ' file. Instead, the package maintainer decided to place the directive specifying its use within a virtual host definition.
Examine the default virtual host definition to see the access log declaration:
sudo nano/etc/apache2/sites-available/default
If we scroll through the file, we'll see three separate values concerning logging:
. . . Errorlog ${apache_log_dir}/error.logloglevel warncustomlog ${apache_log_dir}/access.log combined ...
The errorlog definition matches the one in the default configuration file. It is not a necessary to has that on both places, but it does does hurt to being specific incase you change the location I n one place or another.
Defining Custom Logs
In the previous sections, the line describing the "access.log" file uses a different directive than the preceding log lines . It uses "Customlog" to specify, the Access.log location:
Customlog ${apache_log_dir}/access.log combined
This directive takes the following syntax:
Log_format
The log format in this example is "combined". This isn't an internal Apache specification. Instead, this is a label for a custom format, which is defined in the default configuration file.
If We open the default Config file again, we can see the line that defines the "combined" log format:
sudo nano/etc/apache2/apache2.conf
. . . Logformat "%h%l%u%t \"%r\ "%>s%O \" {referer}i\ "\"%{user-agent}i\ "" Combined ...
The "Logformat" command defines a custom format for logs so can be called using the ' customlog ' directive as we saw in T He virtual host definition.
This log format specifies a format known as a "combined" format. Learn more on available format string variables by going.
As can see, there is several other common formats that has been created for use within your virtual host definitions . You can uses them exactly like your see the Customlog declaration earlier. You can also create your own custom log formats.
Rotating Apache Log Files
Because Apache is capable of logging a large quantity of information during the process of handling requests from clients, It is necessary to set up a system for rotating the logs.
Log rotation can is as simple as switching out logs as they get too big, or it can be a system of archiving and storing OL D copies to reference at a later date. This depends on your configuration.
Below, we'll discuss some different methods of achieving this.
Manually rotating Logs
It is not possible to move log files while Apache are running, so instead, the server must being restarted in order to swap th e old logs for fresh logs.
This can is accomplished manually by moving the files and then soft-restarting Apache so that it can begin with use the new log s for new connections.
The example used in the Apache documentation are here. Need to precede these commands with "sudo" to gain appropriate privileges:
MV Access_log ACCESS_LOG.OLDMV error_log error_log.oldapachectl gracefulsleep 600[post-processing of log Files]
This would move the files, reload the server, and wait for seconds. This would allow Apache to continue using the old log files to complete logging from old requests. During this time, new requests is logged to the new, refreshed files.
While it was good to know how to do this manually, this would was unsustainable for larger server environments.
Managing Log Rotation Using Logrotate
By default, the Ubuntu sets up their own log rotation plan with logrotate.
This program can take parameters and rotate logs when certain criteria is met. We can see what events cause Logrotate to swaps the Apache logs by looking in "/etc/logrotate.d/apache2":
sudo nano/etc/logrotate.d/apache2
Here, you can see some of the parameters given to Logrotate. First of all, notice the first line is:
/var/log/apache2/*.log {
This means that logrotate would only operate on those logs in "/var/log/apache2". Keep This on mind if you had chosen a different directory for your logs in your Apache configuration.
We can see that the logs is rotated weekly and that they save a years-worth of logs by default. We can also see this there is a sections that reloads Apache after the rotation:
Postrotate/etc/init.d/apache2 Reload >/dev/nullendscript
These lines make sure the Apache is reloaded automatically whenever a rotation are complete. The parameters within this file can being changed at would, but the configuration is outside of the scope of this article.
Logging Using Pipes
Using a pipe instead of a file is an easy-to-be-separate logging program to handle the output. This solves the log rotation problem too, since that can is handled by the backend logging program instead of by Apache it Self.
If We wanted the access log to being handled by a logging program that accepts standard input, we could the is:
Logging_program_parameters "combined
Apache starts the logging program is the It begins and restarts it if the logging process fails for any reason.
Although multiple programs can be configured to rotate logs, Apache includes one called ' Rotatelogs ' by default. You can configure it as follows:
Log_level
Similar configuration can achieved with and other logging utilities.
Conclusion
It's important that's logging everything that's need to correctly administrate your servers Good log rotation mechanism in place in order to prevent files from growing too large.
You should now understand how to create and configure logging for Apache. The information that you have logged can is used to troubleshoot problems and anticipate when actions need to be taken.
by Justin Ellingwood
How to Configure Logging and logs Rotation in Apache on an Ubuntu VPS