Project

General

Profile

Mod accesslog » History » Revision 37

Revision 36 (gstrauss, 2021-05-10 05:01) → Revision 37/49 (gstrauss, 2021-09-05 17:47)

h1. Accesslog 

 *Module: mod_accesslog* 

 {{>toc}} 

 h2. Description 

 CLF like by default, flexible like apache 


 h2. Options 

 * accesslog.use-syslog 
   send the accesslog to syslog 
  
   Default: disabled 

 * accesslog.syslog-level (since 1.4.33) 
   severity level for syslog logging 

   Default: 6 (info) 

   See https://en.wikipedia.org/wiki/Syslog#Severity_level for numerical values 

 * accesslog.filename 
   name of the file where the accesslog should be written to if syslog is not used. 
  
   if the name starts with a '|' the rest of the name is taken as the name of a process which will be spawned and will get the output 
  
   e.g.:<pre> 
 accesslog.filename = "/var/log/lighttpd.log" 

 $HTTP["host"] == "mail.example.org" { 
   accesslog.filename = "|/usr/bin/cronolog ... " 
 }</pre> 

   If you have multiple workers and want to rotate logs, use a piped logger, e.g. accesslog.filename = "|/usr/sbin/cronolog ... " 
    
   Default: disabled 

 * accesslog.format 
   the format of the logfile 
  
   |_. Option |_. Description                              | 
   | %%         | a percent sign                             | 
   | %h         | IP address of remote host                  | 
   | %l         | ident name (not supported)                 | 
   | %u         | authenticated user                         | 
   | %t         | timestamp of the end-time of the request | 
   | %{...}t    | timestamp of the end-time of the request | (supported in 1.4.40) | 
   | %r         | request-line                               | 
   | %s         | status code                                | 
   | %b         | bytes sent for the body                    | 
   | %i         | HTTP-header field                          | 
   | %a         | remote address                             | (supported in 1.4.40) | 
   | %A         | local address                              | (supported in 1.4.40) | 
   | %B         | same as %b                                 | 
   | %C         | cookie field                               | (supported in 1.4.40) | 
   | %D         | time used in us                            | (supported in 1.4.40) | 
   | %e         | environment                                | 
   | %f         | physical filename                          | 
   | %H         | request protocol (HTTP/1.0, ...)           | 
   | %k         | num keepalives                             | (supported in 1.4.40) | 
   | %m         | request method (GET, POST, ...)            | 
   | %n         | notes (internal module notes)              | (supported in 1.4.43) | 
   | %o         | response header                            | 
   | %p         | server port                                | 
   | %{...}p    | address port (canonical,local,remote)      | (supported in 1.4.49) | 
   | %P         | (not supported)                            | 
   | %q         | query string                               | 
   | %T         | time used in seconds                       | 
   | %{UNIT}T | time used in UNIT (s, ms, us, or ns)       | (supported in 1.4.40) | 
   | %U         | request URL                                | 
   | %v         | server-name                                | 
   | %V         | HTTP request host name                     | 
   | %X         | connection status                          | 
   | %I         | bytes incoming                             | 
   | %O         | bytes outgoing                             | 
  
   If %s is written %>s or %<s the < and the > are ignored. They are supported for compatibility with apache.  

   %h will always return the IP address of the host, never the name. This makes it equivalent to %a. 

   %a, %A, %{name}C, %D, %k, %{...}t, %{...}T are implemented in lighttpd 1.4.40 and later. 
  
   %i and %o expect the name of the field which should be written in curly brackets. 

   %q is not prepended with '?', unlike Apache 

   %{StrFTime format string}t is supported since 1.4.24. 

   %t does not work the same way it works in Apache (where the start of the request is recorded). Instead it shows the time the request actually got delivered. For most users this does not matter as usually requests don't take long to get processed.    Use %{begin:...}t for time at start of request. 

   %{ratio}n shows file compression ratio for [[Docs_ModDeflate|mod_deflate]] mod_compress and mod_deflate (since 1.4.43) 
 </pre> 
  
 In lighttpd version 1.3.16, the default format is: 

 <pre> 
     accesslog.format = "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" 
 </pre> 

   Default: CLF compatible output. 

 In lighttpd versions 1.4.13-1.4.20, the default setting is: 

 <pre> 
     accesslog.format = "%h %V %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" 
 </pre> 

 The difference between Apache's CLF is the second field changes from ``%l`` to ``%V``. 


 h2. Disable logging 

 If logging is enabled, it is possible to selectively disable logging within a lighttpd condition.    For example, to disable logging for requests to @/robots.txt@ 

 <pre> 
 $HTTP["url"] == "/robots.txt { 
       accesslog.filename = "" 
 } 
 </pre> 

 If using syslog instead of a file, then use @accesslog.use-syslog = "disable"@ above instead of @accesslog.filename = ""@ 



 h2. Response Header 


 The accesslog module provides a special way to log content from the 
 application in a accesslog file. It can be used to log the session id into a 
 logfile. 

 If you want to log it into the accesslog just specify the field-name within 
 a %{...}o like :: 

 <pre> 
   accesslog.format = "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" \"%{X-LIGHTTPD-SID}o\"" 
 </pre> 
  
 The prefix ``X-LIGHTTPD-`` is special as every response header starting with 
 this prefix is assumed to be special for lighttpd and won't be sent out 
 to the client.  

 An example the use this functionality is provided below: :: 

 <pre> 
   <?php 
  
   session_start(); 
  
   header("X-LIGHTTPD-SID: ".session_id()); 
  
   ?> 
   TEST 
 </pre> 



 ---- 
 Note: If you log to a pipe and have lighty chrooted the user running lighty will need access to “/bin/sh”.