APACHE log格式说明
2009-03-12 09:39
507 查看
配置新服务器conf,需要分析请求域名,重新找出log格式文档学习一下。
#
# The following directives define some format nicknames for use with
# a CustomLog directive (see below).
#
LogFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i"" combined
#SetEnvIf Request_URI .gif$ image-request
#SetEnvIf Request_URI .ico$ image-request
LogFormat "%h %l %u %t "%r" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
默认日志例子
60.1.99.116
- - [05/Dec/2005:09:32:59 +0800] "GET /Message/ContactSelect HTTP/1.1"
200 7480 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"
%...a Remote IP-address
%...A Local IP-address
%...B Size of response in bytes, excluding HTTP headers.
%...b Size of response in bytes, excluding HTTP headers. In CLF format, i.e. a '-' rather than a 0 when no bytes are sent.
%...{Foobar}C The contents of cookie Foobar in the request sent to the server.
%...D The time taken to serve the request, in microseconds.
%...{FOOBAR}e The contents of the environment variable FOOBAR
%...f Filename
%...h Remote host
%...H The request protocol
%...{Foobar}i The contents of Foobar: header line(s) in the request sent to the server.
%...l Remote logname (from identd, if supplied). This will return a dash unless IdentityCheck is set On.
%...m The request method
%...{Foobar}n The contents of note Foobar from another module.
%...{Foobar}o The contents of Foobar: header line(s) in the reply.
%...p The canonical port of the server serving the request
%...P The process ID of the child that serviced the request.
%...{format}P The process ID or thread id of the child that serviced the request. Valid formats are pid and tid. (Apache 2.0.46 and later)
%...q The query string (prepended with a ? if a query string exists, otherwise an empty string)
%...r First line of request
%...s
Status. For requests that got internally redirected, this is the status
of the *original* request --- %...>s for the last.
%...t Time the request was received (standard english format)
%...{format}t The time, in the form given by format, which should be in strftime(3) format. (potentially localized)
%...T The time taken to serve the request, in seconds.
%...u Remote user (from auth; may be bogus if return status (%s) is 401)
%...U The URL path requested, not including any query string.
%...v The canonical ServerName of the server serving the request.
%...V The server name according to the UseCanonicalName setting.
%...X Connection status when response is completed:
X = connection aborted before the response completed.
+ = connection may be kept alive after the response is sent.
- = connection will be closed after the response is sent.
(This directive was %...c in late versions of Apache 1.3, but this conflicted with the historical ssl %...{var}c syntax.)
%...I Bytes received, including request and headers, cannot be zero. You need to enable mod_logio to use this.
%...O Bytes sent, including headers, cannot be zero. You need to enable mod_logio to use this.
%...a: 远程IP地址
%...A: 本地IP地址
%...B: 已发送的字节数,不包含HTTP头
%...b: CLF格式的已发送字节数量,不包含HTTP头。例如当没有发送数据时,写入‘-’而不是0。
%...{Foobar}C 发送给服务器的Cookie Foobar的内容
%...D: 服务器请求时间,微秒
%...{FOOBAR}e: 环境变量FOOBAR的内容
%...f: 文件名字
%...h: 远程主机
%...H 请求的协议
%...{Foobar}i: Foobar的内容,发送给服务器的请求的标头行。
%...l: 远程登录名字(来自identd,如提供的话)
%...m 请求的方法
%...{Foobar}n: 来自另外一个模块的注解“Foobar”的内容
%...{Foobar}o: Foobar的内容,应答的标头行
%...p: 服务器响应请求时使用的端口
%...P: 响应请求的子进程ID。
%...{format}P 服务器的子进程ID,或者线程id,可利用的格式是pid或者tid. (Apache 2.0.46 and later)
%...q 查询字符串(如果存在查询字符串,则包含“?”后面的部分;否则,它是一个空字符串。)
%...r: 请求的第一行
%...s: 状态。对于进行内部重定向的请求,这是指*原来*请求 的状态。如果用%...>s,则是指后来的请求。
%...t: 以公共日志时间格式表示的时间(或称为标准英文格式)
%...{format}t: 以指定格式format表示的时间
%...T: 为响应请求而耗费的时间,以秒计
%...u: 远程用户(来自auth;如果返回状态(%s)是401则可能是伪造的)
%...U: 用户所请求的URL路径
%...v: 响应请求的服务器的ServerName
%...V: 依照UseCanonicalName设置得到的服务器名字
%...X 响应完成后的连接状态。
X = 在请求完成之前,连接忽略。
+ = 在请求发送后,连接保持。
- = 请求发送后连接关闭。
(This directive was %...c in late versions of Apache 1.3, but this conflicted with the historical ssl %...{var}c syntax.)
%...I 接收字节,包括请求和头。不能为0。你需要启用mod_logio.
%...O 发送字节,包括头。不能为0。你需要启用mod_logio.
Referer log format Referer日值格式
"%{Referer}i -> %U"
Agent (Browser) log format 代理(浏览器)日值格式
"%{User-agent}i"
在所有上面列出的变量中,“...”表示一个可选的条件。如果没有指定条件,则变量的值将以“-”取代。分析前面来自默认httpd.conf文件的 LogFormat指令示例,可以看出它创建了一种名为“common”的日志格式,其中包括:远程主机,远程登录名字,远程用户,请求时间,请求的第一行代码,请求状态,以及发送的字节数。
有时候我们只想在日志中记录某些特定的、已定义的信息,这时就要用到“...”。如果在“%”和变量之间放入了一个或者多个HTTP状态代码,则只有当
请求返回的状态代码属于指定的状态代码之一时,变量所代表的内容才会被记录。例如,如果我们想要记录的是网站的所有无效链接,那么可以使用:
LogFormat %404{Referer}i BrokenLinks
反之,如果我们想要记录那些状态代码不等于指定值的请求,只需加入一个“!”符号即可:
LogFormat %!200U SomethingWrong
#
# The following directives define some format nicknames for use with
# a CustomLog directive (see below).
#
LogFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i"" combined
#SetEnvIf Request_URI .gif$ image-request
#SetEnvIf Request_URI .ico$ image-request
LogFormat "%h %l %u %t "%r" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
默认日志例子
60.1.99.116
- - [05/Dec/2005:09:32:59 +0800] "GET /Message/ContactSelect HTTP/1.1"
200 7480 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"
%...a Remote IP-address
%...A Local IP-address
%...B Size of response in bytes, excluding HTTP headers.
%...b Size of response in bytes, excluding HTTP headers. In CLF format, i.e. a '-' rather than a 0 when no bytes are sent.
%...{Foobar}C The contents of cookie Foobar in the request sent to the server.
%...D The time taken to serve the request, in microseconds.
%...{FOOBAR}e The contents of the environment variable FOOBAR
%...f Filename
%...h Remote host
%...H The request protocol
%...{Foobar}i The contents of Foobar: header line(s) in the request sent to the server.
%...l Remote logname (from identd, if supplied). This will return a dash unless IdentityCheck is set On.
%...m The request method
%...{Foobar}n The contents of note Foobar from another module.
%...{Foobar}o The contents of Foobar: header line(s) in the reply.
%...p The canonical port of the server serving the request
%...P The process ID of the child that serviced the request.
%...{format}P The process ID or thread id of the child that serviced the request. Valid formats are pid and tid. (Apache 2.0.46 and later)
%...q The query string (prepended with a ? if a query string exists, otherwise an empty string)
%...r First line of request
%...s
Status. For requests that got internally redirected, this is the status
of the *original* request --- %...>s for the last.
%...t Time the request was received (standard english format)
%...{format}t The time, in the form given by format, which should be in strftime(3) format. (potentially localized)
%...T The time taken to serve the request, in seconds.
%...u Remote user (from auth; may be bogus if return status (%s) is 401)
%...U The URL path requested, not including any query string.
%...v The canonical ServerName of the server serving the request.
%...V The server name according to the UseCanonicalName setting.
%...X Connection status when response is completed:
X = connection aborted before the response completed.
+ = connection may be kept alive after the response is sent.
- = connection will be closed after the response is sent.
(This directive was %...c in late versions of Apache 1.3, but this conflicted with the historical ssl %...{var}c syntax.)
%...I Bytes received, including request and headers, cannot be zero. You need to enable mod_logio to use this.
%...O Bytes sent, including headers, cannot be zero. You need to enable mod_logio to use this.
%...a: 远程IP地址
%...A: 本地IP地址
%...B: 已发送的字节数,不包含HTTP头
%...b: CLF格式的已发送字节数量,不包含HTTP头。例如当没有发送数据时,写入‘-’而不是0。
%...{Foobar}C 发送给服务器的Cookie Foobar的内容
%...D: 服务器请求时间,微秒
%...{FOOBAR}e: 环境变量FOOBAR的内容
%...f: 文件名字
%...h: 远程主机
%...H 请求的协议
%...{Foobar}i: Foobar的内容,发送给服务器的请求的标头行。
%...l: 远程登录名字(来自identd,如提供的话)
%...m 请求的方法
%...{Foobar}n: 来自另外一个模块的注解“Foobar”的内容
%...{Foobar}o: Foobar的内容,应答的标头行
%...p: 服务器响应请求时使用的端口
%...P: 响应请求的子进程ID。
%...{format}P 服务器的子进程ID,或者线程id,可利用的格式是pid或者tid. (Apache 2.0.46 and later)
%...q 查询字符串(如果存在查询字符串,则包含“?”后面的部分;否则,它是一个空字符串。)
%...r: 请求的第一行
%...s: 状态。对于进行内部重定向的请求,这是指*原来*请求 的状态。如果用%...>s,则是指后来的请求。
%...t: 以公共日志时间格式表示的时间(或称为标准英文格式)
%...{format}t: 以指定格式format表示的时间
%...T: 为响应请求而耗费的时间,以秒计
%...u: 远程用户(来自auth;如果返回状态(%s)是401则可能是伪造的)
%...U: 用户所请求的URL路径
%...v: 响应请求的服务器的ServerName
%...V: 依照UseCanonicalName设置得到的服务器名字
%...X 响应完成后的连接状态。
X = 在请求完成之前,连接忽略。
+ = 在请求发送后,连接保持。
- = 请求发送后连接关闭。
(This directive was %...c in late versions of Apache 1.3, but this conflicted with the historical ssl %...{var}c syntax.)
%...I 接收字节,包括请求和头。不能为0。你需要启用mod_logio.
%...O 发送字节,包括头。不能为0。你需要启用mod_logio.
Referer log format Referer日值格式
"%{Referer}i -> %U"
Agent (Browser) log format 代理(浏览器)日值格式
"%{User-agent}i"
在所有上面列出的变量中,“...”表示一个可选的条件。如果没有指定条件,则变量的值将以“-”取代。分析前面来自默认httpd.conf文件的 LogFormat指令示例,可以看出它创建了一种名为“common”的日志格式,其中包括:远程主机,远程登录名字,远程用户,请求时间,请求的第一行代码,请求状态,以及发送的字节数。
有时候我们只想在日志中记录某些特定的、已定义的信息,这时就要用到“...”。如果在“%”和变量之间放入了一个或者多个HTTP状态代码,则只有当
请求返回的状态代码属于指定的状态代码之一时,变量所代表的内容才会被记录。例如,如果我们想要记录的是网站的所有无效链接,那么可以使用:
LogFormat %404{Referer}i BrokenLinks
反之,如果我们想要记录那些状态代码不等于指定值的请求,只需加入一个“!”符号即可:
LogFormat %!200U SomethingWrong
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- apache log 按日期记录 格式 <GOOD>-- (转)
- apache LogFormat参数说明
- Apache中对access.log文件日期格式的设置
- apache/nginx access.log 说明
- 【apache2.2】apache2.2中logFormat参数定制日志格式
- tomcat accesslog日志配置及格式说明
- apache/nginx access.log 说明
- 实时跟踪log变化的工具Apachetop
- Caused by: java.lang.ClassNotFoundException: org.apache.commons.logging.LogFactory
- C# ToString格式字符串整理(Format)(数字、日期和枚举的标准格式设置说明符)
- [转]Apache的CRT格式SSL证书转换成IIS用的PFX格式
- Tomcat无法启动,报错java.lang.NoClassDefFoundError: org/apache/juli/logging/LogFactory
- SimpleDateFormat格式说明
- 成功配置tomcat的log4j日志系统,格式:HTML+每天以yyyy-mm-dd.log命名的日志文件
- debian软件源source.list文件格式说明
- undefined symbol: ap_log_rerror;apache2.4与weblogic点so文件
- 格式如Rs.Open Sql,Conn,a,b,c,的详细说明
- 解析MYSQL BINLOG 二进制格式(7)--Xid_log_event/XID_EVENT
- eclipse+tomcat出错“Caused by: java.lang.ClassNotFoundException: org.apache.juli.logging.LogFactory
- C# Format格式说明