Docs ModAccessLog » History » Version 26

« Previous - Version 26/35 (diff) - Next » - Current version
tools, 2012-08-11 10:42
changed the %t documentation as the timestamps reflects the end and not the beginning of the request


Module: mod_accesslog


CLF like by default, flexible like apache


  send the accesslog to syslog

  Default: disabled

  name of the file where the accesslog should be written to if syslog
  is not used.

  if the name starts with a '|' the rest of the name is taken
  as the name of a process which will be spawned and will get the

  e.g.: ::

    accesslog.filename = "/var/log/lighttpd.log" 

    $HTTP["host"] == "" {
      accesslog.filename = "|/usr/bin/cronolog" 

  if you have multiple workers on 1.4.x (now, the current version)
  and want all access logs to be written (without that, only one worker will write logs), use 
  the accesslog.filename = "\|/usr/sbin/cronolog.. (as a temporary solution)

  Default: disabled

  the format of the logfile

  ====== ================================
  Option Description
  ====== ================================
  %%     a percent sign
  %h     name or address of remote-host
  %l     ident name (not supported)
  %u     authenticated user
  %t     timestamp of the end-time of the request
  %r     request-line 
  %s     status code 
  %b     bytes sent for the body
  %i     HTTP-header field
  %a     remote address
  %A     local address
  %B     same as %b
  %C     cookie field (not supported)
  %D     time used in ms (not supported)
  %e     environment
  %f     physical filename
  %H     request protocol (HTTP/1.0, ...)
  %m     request method (GET, POST, ...)
  %n     (not supported)
  %o     `response header`_
  %p     server port
  %P     (not supported)
  %q     query string
  %T     time used in seconds
  %U     request URL
  %v     server-name
  %V     HTTP request host name
  %X     connection status
  %I     bytes incomming
  %O     bytes outgoing
  ====== ================================

  If %s is written %>s or %<s the < and the > are ignored. They are supported
  for compatibility with apache. 

  %h will always return the IP address of the host, never the name. This makes it equivalent to %a, which is not implemented.

  %a, %A, %{name}C, %D are all unimplemented as of 1.4.26 and 1.5.0-r2700

  %i and %o expect the name of the field which should be written in curly brackets.

  %q is not prepended with '?', unlike Apache

  %{StrFTime format string}t is supported since 1.4.24.

  %t does not work the same way it works in Apache (where the start of the request is recorded). Instead it shows the time
     the request actually got delivered. This is done due to performance reasons. For most users this does not matter as usually
     requests don't take long to get processed. In case you want to find out the time the request was started add the %T option
     to your log-string and subtract it's value from the time shown by %t.

In lighttpd version 1.3.16, the default format is:

    accesslog.format = "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" 
Default: CLF compatible output.

In lighttpd versions 1.4.13-1.4.20, the default setting is:

    accesslog.format = "%h %V %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" 

The difference between Apache's CLF is the second field changes from ``%l`` to ``%V``.

Response Header

The accesslog module provides a special way to log content from the
application in a accesslog file. It can be used to log the session id into a

If you want to log it into the accesslog just specify the field-name within
a %{...}o like ::

  accesslog.format = "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" \"%{X-LIGHTTPD-SID}o\"" 

The prefix ``X-LIGHTTPD-`` is special as every response header starting with
this prefix is assumed to be special for lighttpd and won't be sent out
to the client.

An example the use this functionality is provided below: ::



  header("X-LIGHTTPD-SID: ".session_id());


Note: If you log to a pipe and have lighty chrooted the user running lighty will need access to “/bin/sh”.

Updated by tools about 7 years ago · 26 revisions