logs.html.en revision 6116c12fdd3ed06d388fe6572e50a22e9320dfa5
8e34905974b7a442a55adac3b3fdb196c389e807takashi<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
640b2adac05bb7f5e9fba064434c91852c3a72e6nd<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!--
640b2adac05bb7f5e9fba064434c91852c3a72e6nd XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
8e34905974b7a442a55adac3b3fdb196c389e807takashi This file is generated from xml source: DO NOT EDIT
640b2adac05bb7f5e9fba064434c91852c3a72e6nd XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
640b2adac05bb7f5e9fba064434c91852c3a72e6nd<link href="/style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" />
8e34905974b7a442a55adac3b3fdb196c389e807takashi<link href="/style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" />
8e34905974b7a442a55adac3b3fdb196c389e807takashi<link href="/style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" />
640b2adac05bb7f5e9fba064434c91852c3a72e6nd<link href="/images/favicon.ico" rel="shortcut icon" /></head>
640b2adac05bb7f5e9fba064434c91852c3a72e6nd<p class="menu"><a href="/mod/">Modules</a> | <a href="/mod/directives.html">Directives</a> | <a href="/faq/">FAQ</a> | <a href="/glossary.html">Glossary</a> | <a href="/sitemap.html">Sitemap</a></p>
640b2adac05bb7f5e9fba064434c91852c3a72e6nd<div class="up"><a href="./"><img title="<-" alt="<-" src="/images/left.gif" /></a></div>
640b2adac05bb7f5e9fba064434c91852c3a72e6nd<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs-project/">Documentation</a> > <a href="./">Version 2.1</a></div><div id="page-content"><div id="preamble"><h1>Log Files</h1>
d919a3bee0af8994d55ad9a5f2e899e6fb445913wrowe<p><span>Available Languages: </span><a href="/en/logs.html"> en </a> | <a href="/ja/logs.html"> ja </a> | <a href="/ko/logs.html"> ko </a></p>
ef685e00a47967e27d89709461728a229d762172nd <p>In order to effectively manage a web server, it is necessary
ef685e00a47967e27d89709461728a229d762172nd to get feedback about the activity and performance of the
ef685e00a47967e27d89709461728a229d762172nd server as well as any problems that may be occurring. The Apache
d919a3bee0af8994d55ad9a5f2e899e6fb445913wrowe HTTP Server provides very comprehensive and flexible logging
6bbaaf620dec844488d050f0d484564f08c23383erikabele capabilities. This document describes how to configure its
d919a3bee0af8994d55ad9a5f2e899e6fb445913wrowe logging capabilities, and how to understand what the logs
d919a3bee0af8994d55ad9a5f2e899e6fb445913wrowe contain.</p>
51853aa2ebfdf9903a094467e1d02099f143639daaron<div id="quickview"><ul id="toc"><li><img alt="" src="/images/down.gif" /> <a href="#security">Security Warning</a></li>
d919a3bee0af8994d55ad9a5f2e899e6fb445913wrowe<li><img alt="" src="/images/down.gif" /> <a href="#errorlog">Error Log</a></li>
222f0f03c2f9ee6343c18f80f0cb6e9aad21bc58slive<li><img alt="" src="/images/down.gif" /> <a href="#accesslog">Access Log</a></li>
d919a3bee0af8994d55ad9a5f2e899e6fb445913wrowe<li><img alt="" src="/images/down.gif" /> <a href="#rotation">Log Rotation</a></li>
81622596373177e079337e956f7a5800895443b3erikabele<li><img alt="" src="/images/down.gif" /> <a href="#piped">Piped Logs</a></li>
ef685e00a47967e27d89709461728a229d762172nd<li><img alt="" src="/images/down.gif" /> <a href="#virtualhost">Virtual Hosts</a></li>
ef685e00a47967e27d89709461728a229d762172nd<li><img alt="" src="/images/down.gif" /> <a href="#other">Other Log Files</a></li>
d919a3bee0af8994d55ad9a5f2e899e6fb445913wrowe<div class="top"><a href="#page-header"><img alt="top" src="/images/up.gif" /></a></div>
d919a3bee0af8994d55ad9a5f2e899e6fb445913wrowe<h2><a name="security" id="security">Security Warning</a></h2>
d919a3bee0af8994d55ad9a5f2e899e6fb445913wrowe <p>Anyone who can write to the directory where Apache is
ef685e00a47967e27d89709461728a229d762172nd writing a log file can almost certainly gain access to the uid
ef685e00a47967e27d89709461728a229d762172nd that the server is started as, which is normally root. Do
d919a3bee0af8994d55ad9a5f2e899e6fb445913wrowe <em>NOT</em> give people write access to the directory the logs
d919a3bee0af8994d55ad9a5f2e899e6fb445913wrowe are stored in without being aware of the consequences; see the
d919a3bee0af8994d55ad9a5f2e899e6fb445913wrowe <a href="misc/security_tips.html">security tips</a> document
d919a3bee0af8994d55ad9a5f2e899e6fb445913wrowe for details.</p>
d919a3bee0af8994d55ad9a5f2e899e6fb445913wrowe <p>In addition, log files may contain information supplied
d919a3bee0af8994d55ad9a5f2e899e6fb445913wrowe directly by the client, without escaping. Therefore, it is
d919a3bee0af8994d55ad9a5f2e899e6fb445913wrowe possible for malicious clients to insert control-characters in
d919a3bee0af8994d55ad9a5f2e899e6fb445913wrowe the log files, so care must be taken in dealing with raw
d919a3bee0af8994d55ad9a5f2e899e6fb445913wrowe </div><div class="top"><a href="#page-header"><img alt="top" src="/images/up.gif" /></a></div>
d919a3bee0af8994d55ad9a5f2e899e6fb445913wrowe<h2><a name="errorlog" id="errorlog">Error Log</a></h2>
8dc8d968ba5f9e7090a062cce6755221e92ccc3crbowen <table class="related"><tr><th>Related Modules</th><th>Related Directives</th></tr><tr><td /><td><ul><li><code class="directive"><a href="/mod/core.html#errorlog">ErrorLog</a></code></li><li><code class="directive"><a href="/mod/core.html#loglevel">LogLevel</a></code></li></ul></td></tr></table>
17ca00f92106c825382359ebf0a754f8df21e316rbowen <p>The server error log, whose name and location is set by the
8dc8d968ba5f9e7090a062cce6755221e92ccc3crbowen <code class="directive"><a href="/mod/core.html#errorlog">ErrorLog</a></code> directive, is the
d919a3bee0af8994d55ad9a5f2e899e6fb445913wrowe most important log file. This is the place where Apache httpd
8dc8d968ba5f9e7090a062cce6755221e92ccc3crbowen will send diagnostic information and record any errors that it
17ca00f92106c825382359ebf0a754f8df21e316rbowen encounters in processing requests. It is the first place to
17ca00f92106c825382359ebf0a754f8df21e316rbowen look when a problem occurs with starting the server or with the
17ca00f92106c825382359ebf0a754f8df21e316rbowen operation of the server, since it will often contain details of
17ca00f92106c825382359ebf0a754f8df21e316rbowen what went wrong and how to fix it.</p>
d919a3bee0af8994d55ad9a5f2e899e6fb445913wrowe <p>The error log is usually written to a file (typically
17ca00f92106c825382359ebf0a754f8df21e316rbowen <code>error.log</code> on Windows and OS/2). On unix systems it
17ca00f92106c825382359ebf0a754f8df21e316rbowen is also possible to have the server send errors to
17ca00f92106c825382359ebf0a754f8df21e316rbowen <code>syslog</code> or <a href="#piped">pipe them to a
d919a3bee0af8994d55ad9a5f2e899e6fb445913wrowe <p>The format of the error log is relatively free-form and
d919a3bee0af8994d55ad9a5f2e899e6fb445913wrowe descriptive. But there is certain information that is contained
d919a3bee0af8994d55ad9a5f2e899e6fb445913wrowe in most error log entries. For example, here is a typical
8e34905974b7a442a55adac3b3fdb196c389e807takashi message.</p>
ef685e00a47967e27d89709461728a229d762172nd [Wed Oct 11 14:32:52 2000] [error] [client 127.0.0.1]
ef685e00a47967e27d89709461728a229d762172nd client denied by server configuration:
d919a3bee0af8994d55ad9a5f2e899e6fb445913wrowe <p>The first item in the log entry is the date and time of the
d919a3bee0af8994d55ad9a5f2e899e6fb445913wrowe message. The second entry lists the severity of the error being
d919a3bee0af8994d55ad9a5f2e899e6fb445913wrowe reported. The <code class="directive"><a href="/mod/core.html#loglevel">LogLevel</a></code>
d919a3bee0af8994d55ad9a5f2e899e6fb445913wrowe directive is used to control the types of errors that are sent
d919a3bee0af8994d55ad9a5f2e899e6fb445913wrowe to the error log by restricting the severity level. The third
d919a3bee0af8994d55ad9a5f2e899e6fb445913wrowe entry gives the IP address of the client that generated the
d919a3bee0af8994d55ad9a5f2e899e6fb445913wrowe error. Beyond that is the message itself, which in this case
d919a3bee0af8994d55ad9a5f2e899e6fb445913wrowe indicates that the server has been configured to deny the
45220913988eb2543fff442282c4aaa6b20559a8rbowen client access. The server reports the file-system path (as
d919a3bee0af8994d55ad9a5f2e899e6fb445913wrowe opposed to the web path) of the requested document.</p>
d919a3bee0af8994d55ad9a5f2e899e6fb445913wrowe <p>A very wide variety of different messages can appear in the
d919a3bee0af8994d55ad9a5f2e899e6fb445913wrowe error log. Most look similar to the example above. The error
d919a3bee0af8994d55ad9a5f2e899e6fb445913wrowe log will also contain debugging output from CGI scripts. Any
222f0f03c2f9ee6343c18f80f0cb6e9aad21bc58slive information written to <code>stderr</code> by a CGI script will
95e8cab14596a61826fa52477dcaebc07bfbad00colm be copied directly to the error log.</p>
95e8cab14596a61826fa52477dcaebc07bfbad00colm <p>It is not possible to customize the error log by adding or
95e8cab14596a61826fa52477dcaebc07bfbad00colm removing information. However, error log entries dealing with
95e8cab14596a61826fa52477dcaebc07bfbad00colm particular requests have corresponding entries in the <a href="#accesslog">access log</a>. For example, the above example
95e8cab14596a61826fa52477dcaebc07bfbad00colm entry corresponds to an access log entry with status code 403.
95e8cab14596a61826fa52477dcaebc07bfbad00colm Since it is possible to customize the access log, you can
95e8cab14596a61826fa52477dcaebc07bfbad00colm obtain more information about error conditions using that log
95e8cab14596a61826fa52477dcaebc07bfbad00colm <p>During testing, it is often useful to continuously monitor
95e8cab14596a61826fa52477dcaebc07bfbad00colm the error log for any problems. On unix systems, you can
95e8cab14596a61826fa52477dcaebc07bfbad00colm accomplish this using:</p>
95e8cab14596a61826fa52477dcaebc07bfbad00colm tail -f error_log
95e8cab14596a61826fa52477dcaebc07bfbad00colm </div><div class="top"><a href="#page-header"><img alt="top" src="/images/up.gif" /></a></div>
95e8cab14596a61826fa52477dcaebc07bfbad00colm<h2><a name="accesslog" id="accesslog">Access Log</a></h2>
95e8cab14596a61826fa52477dcaebc07bfbad00colm <table class="related"><tr><th>Related Modules</th><th>Related Directives</th></tr><tr><td><ul><li><code class="module"><a href="/mod/mod_log_config.html">mod_log_config</a></code></li><li><code class="module"><a href="/mod/mod_setenvif.html">mod_setenvif</a></code></li></ul></td><td><ul><li><code class="directive"><a href="/mod/mod_log_config.html#customlog">CustomLog</a></code></li><li><code class="directive"><a href="/mod/mod_log_config.html#logformat">LogFormat</a></code></li><li><code class="directive"><a href="/mod/mod_setenvif.html#setenvif">SetEnvIf</a></code></li></ul></td></tr></table>
17efa6b5344b7574597eec03f02ef28103e19265nd <p>The server access log records all requests processed by the
8e34905974b7a442a55adac3b3fdb196c389e807takashi server. The location and content of the access log are
17efa6b5344b7574597eec03f02ef28103e19265nd controlled by the <code class="directive"><a href="/mod/mod_log_config.html#customlog">CustomLog</a></code>
17efa6b5344b7574597eec03f02ef28103e19265nd directive. The <code class="directive"><a href="/mod/mod_log_config.html#logformat">LogFormat</a></code>
17efa6b5344b7574597eec03f02ef28103e19265nd directive can be used to simplify the selection of
17efa6b5344b7574597eec03f02ef28103e19265nd the contents of the logs. This section describes how to configure the server
17efa6b5344b7574597eec03f02ef28103e19265nd to record information in the access log.</p>
17efa6b5344b7574597eec03f02ef28103e19265nd <p>Of course, storing the information in the access log is only
17efa6b5344b7574597eec03f02ef28103e19265nd the start of log management. The next step is to analyze this
17efa6b5344b7574597eec03f02ef28103e19265nd information to produce useful statistics. Log analysis in
17efa6b5344b7574597eec03f02ef28103e19265nd general is beyond the scope of this document, and not really
17efa6b5344b7574597eec03f02ef28103e19265nd part of the job of the web server itself. For more information
17efa6b5344b7574597eec03f02ef28103e19265nd about this topic, and for applications which perform log
17efa6b5344b7574597eec03f02ef28103e19265nd analysis, check the <a href="http://dmoz.org/Computers/Software/Internet/Site_Management/Log_analysis/">
17efa6b5344b7574597eec03f02ef28103e19265nd Open Directory</a> or <a href="http://dir.yahoo.com/Computers_and_Internet/Software/Internet/World_Wide_Web/Servers/Log_Analysis_Tools/">
17efa6b5344b7574597eec03f02ef28103e19265nd <p>Various versions of Apache httpd have used other modules and
17efa6b5344b7574597eec03f02ef28103e19265nd directives to control access logging, including
17efa6b5344b7574597eec03f02ef28103e19265nd mod_log_referer, mod_log_agent, and the
86bb9693d63dfc1be14519a5b444467e4b0cdaf8kawai <code>TransferLog</code> directive. The <code class="directive"><a href="/mod/mod_log_config.html#customlog">CustomLog</a></code> directive now subsumes
8e34905974b7a442a55adac3b3fdb196c389e807takashi the functionality of all the older directives.</p>
86bb9693d63dfc1be14519a5b444467e4b0cdaf8kawai <p>The format of the access log is highly configurable. The format
86bb9693d63dfc1be14519a5b444467e4b0cdaf8kawai is specified using a format string that looks much like a C-style
86bb9693d63dfc1be14519a5b444467e4b0cdaf8kawai printf(1) format string. Some examples are presented in the next
86bb9693d63dfc1be14519a5b444467e4b0cdaf8kawai sections. For a complete list of the possible contents of the
86bb9693d63dfc1be14519a5b444467e4b0cdaf8kawai format string, see the <code class="module"><a href="/mod/mod_log_config.html">mod_log_config</a></code> <a href="mod/mod_log_config.html#formats">format strings</a>.</p>
8e34905974b7a442a55adac3b3fdb196c389e807takashi <h3><a name="common" id="common">Common Log Format</a></h3>
86bb9693d63dfc1be14519a5b444467e4b0cdaf8kawai <p>A typical configuration for the access log might look as
86bb9693d63dfc1be14519a5b444467e4b0cdaf8kawai follows.</p>
86bb9693d63dfc1be14519a5b444467e4b0cdaf8kawai LogFormat "%h %l %u %t \"%r\" %>s %b" common<br />
17efa6b5344b7574597eec03f02ef28103e19265nd <p>This defines the <em>nickname</em> <code>common</code> and
8e34905974b7a442a55adac3b3fdb196c389e807takashi associates it with a particular log format string. The format
17efa6b5344b7574597eec03f02ef28103e19265nd string consists of percent directives, each of which tell the
17efa6b5344b7574597eec03f02ef28103e19265nd server to log a particular piece of information. Literal
8e34905974b7a442a55adac3b3fdb196c389e807takashi characters may also be placed in the format string and will be
17efa6b5344b7574597eec03f02ef28103e19265nd copied directly into the log output. The quote character
17efa6b5344b7574597eec03f02ef28103e19265nd (<code>"</code>) must be escaped by placing a back-slash before
8e34905974b7a442a55adac3b3fdb196c389e807takashi it to prevent it from being interpreted as the end of the
8e34905974b7a442a55adac3b3fdb196c389e807takashi format string. The format string may also contain the special
8e34905974b7a442a55adac3b3fdb196c389e807takashi control characters "<code>\n</code>" for new-line and
17efa6b5344b7574597eec03f02ef28103e19265nd <p>The <code class="directive"><a href="/mod/mod_log_config.html#customlog">CustomLog</a></code>
17efa6b5344b7574597eec03f02ef28103e19265nd directive sets up a new log file using the defined
8e34905974b7a442a55adac3b3fdb196c389e807takashi <em>nickname</em>. The filename for the access log is relative to
8e34905974b7a442a55adac3b3fdb196c389e807takashi the <code class="directive"><a href="/mod/core.html#serverroot">ServerRoot</a></code> unless it
17efa6b5344b7574597eec03f02ef28103e19265nd begins with a slash.</p>
17efa6b5344b7574597eec03f02ef28103e19265nd <p>The above configuration will write log entries in a format
17efa6b5344b7574597eec03f02ef28103e19265nd known as the Common Log Format (CLF). This standard format can
cd51960ffc0f49d7a9e702162ed49b3eb0909276dirkx be produced by many different web servers and read by many log
8e34905974b7a442a55adac3b3fdb196c389e807takashi analysis programs. The log file entries produced in CLF will
cd51960ffc0f49d7a9e702162ed49b3eb0909276dirkx look something like this:</p>
cd51960ffc0f49d7a9e702162ed49b3eb0909276dirkx <p>Each part of this log entry is described below.</p>
cd51960ffc0f49d7a9e702162ed49b3eb0909276dirkx <dd>This is the IP address of the client (remote host) which
cd51960ffc0f49d7a9e702162ed49b3eb0909276dirkx made the request to the server. If <code class="directive"><a href="/mod/core.html#hostnamelookups">HostnameLookups</a></code> is
cd51960ffc0f49d7a9e702162ed49b3eb0909276dirkx set to <code>On</code>, then the server will try to determine
cd51960ffc0f49d7a9e702162ed49b3eb0909276dirkx the hostname and log it in place of the IP address. However,
cd51960ffc0f49d7a9e702162ed49b3eb0909276dirkx this configuration is not recommended since it can
cd51960ffc0f49d7a9e702162ed49b3eb0909276dirkx significantly slow the server. Instead, it is best to use a
b5468eddc0cb1691af19ddc70a6e205daf00a94ctrawick log post-processor such as <a href="programs/logresolve.html">logresolve</a> to determine
8e34905974b7a442a55adac3b3fdb196c389e807takashi the hostnames. The IP address reported here is not
b5468eddc0cb1691af19ddc70a6e205daf00a94ctrawick necessarily the address of the machine at which the user is
1b3225113bb6fcf326cf16af9023e381ae0ac083nd sitting. If a proxy server exists between the user and the
1b3225113bb6fcf326cf16af9023e381ae0ac083nd server, this address will be the address of the proxy, rather
b5468eddc0cb1691af19ddc70a6e205daf00a94ctrawick than the originating machine.</dd>
1f666f93c91dbb492dc7706573b369cd03b84265poirier <dd>The "hyphen" in the output indicates that the requested
1f666f93c91dbb492dc7706573b369cd03b84265poirier piece of information is not available. In this case, the
b5468eddc0cb1691af19ddc70a6e205daf00a94ctrawick information that is not available is the RFC 1413 identity of
b5468eddc0cb1691af19ddc70a6e205daf00a94ctrawick the client determined by <code>identd</code> on the clients
b5468eddc0cb1691af19ddc70a6e205daf00a94ctrawick machine. This information is highly unreliable and should
1f666f93c91dbb492dc7706573b369cd03b84265poirier almost never be used except on tightly controlled internal
1f666f93c91dbb492dc7706573b369cd03b84265poirier networks. Apache httpd will not even attempt to determine
b5468eddc0cb1691af19ddc70a6e205daf00a94ctrawick this information unless <code class="directive"><a href="/mod/core.html#identitycheck">IdentityCheck</a></code> is set
8e34905974b7a442a55adac3b3fdb196c389e807takashi <dd>This is the userid of the person requesting the document
81622596373177e079337e956f7a5800895443b3erikabele as determined by HTTP authentication. The same value is
ef685e00a47967e27d89709461728a229d762172nd typically provided to CGI scripts in the
ef685e00a47967e27d89709461728a229d762172nd <code>REMOTE_USER</code> environment variable. If the status
ef685e00a47967e27d89709461728a229d762172nd code for the request (see below) is 401, then this value
81622596373177e079337e956f7a5800895443b3erikabele should not be trusted because the user is not yet
81622596373177e079337e956f7a5800895443b3erikabele authenticated. If the document is not password protected,
81622596373177e079337e956f7a5800895443b3erikabele this entry will be "<code>-</code>" just like the previous
81622596373177e079337e956f7a5800895443b3erikabele The time that the server finished processing the request.
81622596373177e079337e956f7a5800895443b3erikabele The format is:
e554dd2dae4ba2c32dbd05fc0d4e0a42ef4ba902rbowen day = 2*digit<br />
e554dd2dae4ba2c32dbd05fc0d4e0a42ef4ba902rbowen month = 3*letter<br />
e554dd2dae4ba2c32dbd05fc0d4e0a42ef4ba902rbowen year = 4*digit<br />
e554dd2dae4ba2c32dbd05fc0d4e0a42ef4ba902rbowen hour = 2*digit<br />
e554dd2dae4ba2c32dbd05fc0d4e0a42ef4ba902rbowen minute = 2*digit<br />
e554dd2dae4ba2c32dbd05fc0d4e0a42ef4ba902rbowen second = 2*digit<br />
e554dd2dae4ba2c32dbd05fc0d4e0a42ef4ba902rbowen zone = (`+' | `-') 4*digit</code>
e554dd2dae4ba2c32dbd05fc0d4e0a42ef4ba902rbowen It is possible to have the time displayed in another format
e554dd2dae4ba2c32dbd05fc0d4e0a42ef4ba902rbowen by specifying <code>%{format}t</code> in the log format
e554dd2dae4ba2c32dbd05fc0d4e0a42ef4ba902rbowen <code>strftime(3)</code> from the C standard library.
e554dd2dae4ba2c32dbd05fc0d4e0a42ef4ba902rbowen <dd>The request line from the client is given in double
e554dd2dae4ba2c32dbd05fc0d4e0a42ef4ba902rbowen quotes. The request line contains a great deal of useful
e554dd2dae4ba2c32dbd05fc0d4e0a42ef4ba902rbowen information. First, the method used by the client is
f0eae6f6191f5730fa8db049f7391e93b4ff41b9erikabele <code>GET</code>. Second, the client requested the resource
8e34905974b7a442a55adac3b3fdb196c389e807takashi <code>/apache_pb.gif</code>, and third, the client used the
f0eae6f6191f5730fa8db049f7391e93b4ff41b9erikabele protocol <code>HTTP/1.0</code>. It is also possible to log
f0eae6f6191f5730fa8db049f7391e93b4ff41b9erikabele one or more parts of the request line independently. For
f0eae6f6191f5730fa8db049f7391e93b4ff41b9erikabele example, the format string "<code>%m %U%q %H</code>" will log
f0eae6f6191f5730fa8db049f7391e93b4ff41b9erikabele the method, path, query-string, and protocol, resulting in
f0eae6f6191f5730fa8db049f7391e93b4ff41b9erikabele exactly the same output as "<code>%r</code>".</dd>
f0eae6f6191f5730fa8db049f7391e93b4ff41b9erikabele <dd>This is the status code that the server sends back to the
f0eae6f6191f5730fa8db049f7391e93b4ff41b9erikabele client. This information is very valuable, because it reveals
f0eae6f6191f5730fa8db049f7391e93b4ff41b9erikabele whether the request resulted in a successful response (codes
f0eae6f6191f5730fa8db049f7391e93b4ff41b9erikabele beginning in 2), a redirection (codes beginning in 3), an
f0eae6f6191f5730fa8db049f7391e93b4ff41b9erikabele error caused by the client (codes beginning in 4), or an
f0eae6f6191f5730fa8db049f7391e93b4ff41b9erikabele error in the server (codes beginning in 5). The full list of
f0eae6f6191f5730fa8db049f7391e93b4ff41b9erikabele possible status codes can be found in the <a href="http://www.w3.org/Protocols/rfc2616/rfc2616.txt">HTTP
8e34905974b7a442a55adac3b3fdb196c389e807takashi <dd>The last entry indicates the size of the object returned
f4166cb2bf5e48c1b0f18b0d1f6757fce82230a8nd to the client, not including the response headers. If no
f4166cb2bf5e48c1b0f18b0d1f6757fce82230a8nd content was returned to the client, this value will be
8e34905974b7a442a55adac3b3fdb196c389e807takashi "<code>-</code>". To log "<code>0</code>" for no content, use
8e34905974b7a442a55adac3b3fdb196c389e807takashi <h3><a name="combined" id="combined">Combined Log Format</a></h3>
f4166cb2bf5e48c1b0f18b0d1f6757fce82230a8nd <p>Another commonly used format string is called the Combined
f4166cb2bf5e48c1b0f18b0d1f6757fce82230a8nd Log Format. It can be used as follows.</p>
f4166cb2bf5e48c1b0f18b0d1f6757fce82230a8nd LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\"
f4166cb2bf5e48c1b0f18b0d1f6757fce82230a8nd \"%{User-agent}i\"" combined<br />
8e34905974b7a442a55adac3b3fdb196c389e807takashi <p>This format is exactly the same as the Common Log Format,
17efa6b5344b7574597eec03f02ef28103e19265nd with the addition of two more fields. Each of the additional
17efa6b5344b7574597eec03f02ef28103e19265nd fields uses the percent-directive
17efa6b5344b7574597eec03f02ef28103e19265nd <code>%{<em>header</em>}i</code>, where <em>header</em> can be
4a67c5c0053e1c1c2202122e46a42987f6fd28dfyoshiki any HTTP request header. The access log under this format will
4a67c5c0053e1c1c2202122e46a42987f6fd28dfyoshiki look like:</p>
4a67c5c0053e1c1c2202122e46a42987f6fd28dfyoshiki "http://www.example.com/start.html" "Mozilla/4.08 [en]
4a67c5c0053e1c1c2202122e46a42987f6fd28dfyoshiki (Win98; I ;Nav)"
8e34905974b7a442a55adac3b3fdb196c389e807takashi <dd>The "Referer" (sic) HTTP request header. This gives the
e9e8e471353eaa5576e1e96530968d02f208e39fnd site that the client reports having been referred from. (This
e9e8e471353eaa5576e1e96530968d02f208e39fnd should be the page that links to or includes
1e1be8a0871405df3c1ec4d6d33aab71996ad0c9nilgun <dd>The User-Agent HTTP request header. This is the
e9e8e471353eaa5576e1e96530968d02f208e39fnd identifying information that the client browser reports about
e9e8e471353eaa5576e1e96530968d02f208e39fnd itself.</dd>
e9e8e471353eaa5576e1e96530968d02f208e39fnd <h3><a name="multiple" id="multiple">Multiple Access Logs</a></h3>
information. The last two <code class="directive"><a href="/mod/mod_log_config.html#customlog">CustomLog</a></code> lines show how
nickname with the <code class="directive"><a href="/mod/mod_log_config.html#logformat">LogFormat</a></code> directive. Instead,
the log format can be specified directly in the <code class="directive"><a href="/mod/mod_log_config.html#customlog">CustomLog</a></code> directive.</p>
client request. This is easily accomplished with the help of <a href="env.html">environment variables</a>. First, an
<code>env=</code> clause of the <code class="directive"><a href="/mod/mod_log_config.html#customlog">CustomLog</a></code> directive is used to
<p>Another way to perform log rotation is using <a href="#piped">piped logs</a> as discussed in the next
outside the <code class="directive"><a href="/mod/core.html#virtualhost"><VirtualHost></a></code> sections in the
host that is serving the request. Then a program like <a href="programs/other.html">split-logfile</a> can be used to
<table class="related"><tr><th>Related Modules</th><th>Related Directives</th></tr><tr><td><ul><li><code class="module"><a href="/mod/mod_cgi.html">mod_cgi</a></code></li><li><code class="module"><a href="/mod/mod_rewrite.html">mod_rewrite</a></code></li></ul></td><td><ul><li><code class="directive"><a href="/mod/mpm_common.html#pidfile">PidFile</a></code></li><li><code class="directive"><a href="/mod/mod_rewrite.html#rewritelog">RewriteLog</a></code></li><li><code class="directive"><a href="/mod/mod_rewrite.html#rewriteloglevel">RewriteLogLevel</a></code></li><li><code class="directive"><a href="/mod/mod_cgi.html#scriptlog">ScriptLog</a></code></li><li><code class="directive"><a href="/mod/mod_cgi.html#scriptlogbuffer">ScriptLogBuffer</a></code></li><li><code class="directive"><a href="/mod/mod_cgi.html#scriptloglength">ScriptLogLength</a></code></li></ul></td></tr></table>
filename can be changed with the <code class="directive"><a href="/mod/mpm_common.html#pidfile">PidFile</a></code> directive. The
<p>When using the powerful and complex features of <a href="mod/mod_rewrite.html">mod_rewrite</a>, it is almost
always necessary to use the <code class="directive"><a href="/mod/mod_rewrite.html#rewritelog">RewriteLog</a></code> to help
is controlled by the <code class="directive"><a href="/mod/mod_rewrite.html#rewriteloglevel">RewriteLogLevel</a></code> directive.</p>
<p><span>Available Languages: </span><a href="/en/logs.html"> en </a> | <a href="/ja/logs.html"> ja </a> | <a href="/ko/logs.html"> ko </a></p>
<p class="apache">Maintained by the <a href="http://httpd.apache.org/docs-project/">Apache HTTP Server Documentation Project</a></p>
<p class="menu"><a href="/mod/">Modules</a> | <a href="/mod/directives.html">Directives</a> | <a href="/faq/">FAQ</a> | <a href="/glossary.html">Glossary</a> | <a href="/sitemap.html">Sitemap</a></p></div>