<
tr><
td><
code>%...{<
var>Foobar</
var>}o</
code></
td>
<
td>The contents of <
code><
var>Foobar</
var>:</
code> header line(s)
<
tr><
td><
code>%
...p</
code></
td>
<
td>The canonical port of the server serving the request</
td></
tr>
<
tr><
td><
code>%
...P</
code></
td>
<
td>The process ID of the child that serviced the request.</
td></
tr>
<
tr><
td><
code>%
...q</
code></
td>
<
td>The query string (prepended with a <
code>?</
code> if a query
string exists, otherwise an empty string)</
td></
tr>
<
tr><
td><
code>%
...r</
code></
td>
<
td>First line of request</
td></
tr>
<
tr><
td><
code>%
...s</
code></
td>
<
td>Status. For requests that got internally redirected, this is
the status of the *original* request --- <
code>%...>s</
code>
<
tr><
td><
code>%
...t</
code></
td>
<
td>Time, in common log format time format (standard english
<
tr><
td><
code>%...{<
var>format</
var>}t</
code></
td>
<
td>The time, in the form given by format, which should be in
<
code>strftime(3)</
code> format. (potentially localized)</
td></
tr>
<
tr><
td><
code>%
...T</
code></
td>
<
td>The time taken to serve the request, in seconds.</
td></
tr>
<
tr><
td><
code>%
...u</
code></
td>
<
td>Remote user (from auth; may be bogus if return status
(<
code>%s</
code>) is 401)</
td></
tr>
<
tr><
td><
code>%
...U</
code></
td>
<
td>The URL path requested, not including any query string.</
td></
tr>
<
tr><
td><
code>%
...v</
code></
td>
<
td>The canonical <
directive module="core">ServerName</
directive>
of the server serving the request.</
td></
tr>
<
tr><
td><
code>%
...V</
code></
td>
<
td>The server name according to the <
directive module="core" >UseCanonicalName</
directive> setting.</
td></
tr>
<
tr><
td><
code>%
...X</
code></
td>
<
td>Connection status when response is completed:
<
tr><
td><
code>X</
code> =</
td>
<
td>connection aborted before the response completed.</
td></
tr>
<
tr><
td><
code>+</
code> =</
td>
<
td>connection may be kept alive after the response is
<
tr><
td><
code>-</
code> = </
td>
<
td>connection will be closed after the response is
<
p>(This directive was <
code>%
...c</
code> in late versions of Apache
1.3, but this conflicted with the historical ssl
<
code>%...{<
var>var</
var>}c</
code> syntax.)</
p></
td></
tr>
<
tr><
td><
code>%
...I</
code></
td>
<
td>Bytes received, including request and headers, cannot be zero.
You need to enable <
module>mod_logio</
module> to use this.</
td></
tr>
<
tr><
td><
code>%
...O</
code></
td>
<
td>Bytes sent, including headers, cannot be zero. You need to
enable <
module>mod_logio</
module> to use this.</
td></
tr>
<
p>The "<
var>...</
var>" can be nothing at all (<
em>
e.g.</
em>,
<
code>"%h %u %r %s %b"</
code>), or it can indicate conditions for
inclusion of the item (which will cause it to be replaced with "-" if
the condition is not met). The forms of condition are a list of
HTTP status codes, which may or may not be preceded by "!".
Thus, "%400,501{User-agent}i" logs <
code>User-agent:</
code> on 400
errors and 501 errors (Bad Request, Not Implemented) only;
"%!200,304,302{Referer}i" logs <
code>Referer:</
code> on all requests
which did <
em>not</
em> return some sort of normal status.</
p>
<
p>Note that there is no escaping performed on the strings from
<
code>%
...r</
code>, <
code>%
...i</
code> and <
code>%
...o</
code>. This
is mainly to comply with the requirements of the Common Log Format.
This implies that clients can insert control characters into the log,
so care should be taken when dealing with raw log files.</
p>
<
p>Some commonly used log format strings are:</
p>
<
dt>Common Log Format (CLF)</
dt>
<
dd><
code>"%h %l %u %t \"%r\" %>s %b"</
code></
dd>
<
dt>Common Log Format with Virtual Host</
dt>
<
dd><
code>"%v %h %l %u %t \"%r\" %>s %b"</
code></
dd>
<
dd><
code>"%h %l %u %t \"%r\" %>s %b \"%{Referer}i\"
\"%{User-agent}i\""</
code></
dd>
<
dt>Referer log format</
dt>
<
dd><
code>"%{Referer}i -> %U"</
code></
dd>
<
dt>Agent (Browser) log format</
dt>
<
dd><
code>"%{User-agent}i"</
code></
dd>
<
p>Note that the canonical <
directive module="core" >ServerName</
directive> and <
directive module="mpm_common" >Listen</
directive> of the server serving the
request are used for <
code>%v</
code> and <
code>%p</
code>
respectively. This happens regardless of the <
directive module="core">UseCanonicalName</
directive> setting
because otherwise log analysis programs would have to duplicate
the entire vhost matching algorithm in order to decide what
host really served the request.</
p>
<
section id="security"><
title>Security Considerations</
title>
document for details on why your security could be compromised
if the directory where logfiles are stored is writable by
anyone other than the user that starts the server.</
p>
<
description>Sets filename for the logging of cookies</
description>
<
syntax>CookieLog <
var>filename</
var></
syntax>
<
contextlist><
context>server config</
context><
context>virtual host</
context>
<
compatibility>This directive is deprecated.</
compatibility>
<
p>The <
directive>CookieLog</
directive> directive sets the
filename for logging of cookies. The filename is relative to the
<
directive module="core">ServerRoot</
directive>. This directive is
included only for compatibility with <
code>mod_cookies</
code>,
<
description>Sets filename and format of log file</
description>
<
syntax>CustomLog <
var>file</
var>|<
var>pipe</
var>
<
var>format</
var>|<
var>nickname</
var>
[env=[!]<
var>environment-variable</
var>]</
syntax>
<
contextlist><
context>server config</
context><
context>virtual host</
context>
<
p>The <
directive>CustomLog</
directive> directive is used to
log requests to the server. A log format is specified, and the
logging can optionally be made conditional on request
characteristics using environment variables.</
p>
<
p>The first argument, which specifies the location to which
the logs will be written, can take on one of the following two
<
dd>A filename, relative to the <
directive module="core" >ServerRoot</
directive>.</
dd>
<
dd>The pipe character "<
code>|</
code>", followed by the path
to a program to receive the log information on its standard
<
note type="warning"><
title>Security:</
title>
<
p>If a program is used, then it will be run under the user who
started httpd. This will be root if the server was started by root;
be sure that the program is secure.</
p>
<
p>The second argument specifies what will be written to the
log file. It can specify either a <
var>nickname</
var> defined by
a previous <
directive module="mod_log_config">LogFormat</
directive>
directive, or it can be an explicit <
var>format</
var> string as
described in the <
a href="#formats">log formats</
a> section.</
p>
<
p>For example, the following two sets of directives have
exactly the same effect:</
p>
# CustomLog with format nickname<
br />
LogFormat "%h %l %u %t \"%r\" %>s %b" common<
br />
# CustomLog with explicit format string<
br />
<
p>The third argument is optional and allows the decision on
whether or not to log a particular request to be based on the
presence or absence of a particular variable in the server
environment. If the specified <
a href="/env.html">environment
variable</
a> is set for the request (or is not set, in the case
of a '<
code>env=!<
var>name</
var></
code>' clause), then the
request will be logged.</
p>
<
p>Environment variables can be set on a per-request
basis using the <
module>mod_setenvif</
module>
and/
or <
module>mod_rewrite</
module> modules. For
example, if you want to record requests for all GIF
images on your server in a separate logfile but not in your main
SetEnvIf Request_URI \.gif$ gif-image<
br />
<
description>Describes a format for use in a log file</
description>
<
syntax>LogFormat <
var>format</
var>|<
var>nickname</
var>
[<
var>nickname</
var>]</
syntax>
<
default>LogFormat "%h %l %u %t \"%r\" %>s %b"</
default>
<
contextlist><
context>server config</
context><
context>virtual host</
context>
<
p>This directive specifies the format of the access log
<
p>The <
directive>LogFormat</
directive> directive can take one of two
forms. In the first form, where only one argument is specified,
this directive sets the log format which will be used by logs
specified in subsequent <
directive>TransferLog</
directive>
directives. The single argument can specify an explicit
<
var>format</
var> as discussed in <
a href="#formats">custom log
formats</
a> section above. Alternatively, it can use a
<
var>nickname</
var> to refer to a log format defined in a
previous <
directive>LogFormat</
directive> directive as described
<
p>The second form of the <
directive>LogFormat</
directive>
directive associates an explicit <
var>format</
var> with a
<
var>nickname</
var>. This <
var>nickname</
var> can then be used in
subsequent <
directive>LogFormat</
directive> or
<
directive module="mod_log_config">CustomLog</
directive> directives
rather than repeating the entire format string. A
<
directive>LogFormat</
directive> directive that defines a nickname
<
strong>does nothing else</
strong> -- that is, it <
em>only</
em>
defines the nickname, it doesn't actually apply the format and make
it the default. Therefore, it will not affect subsequent
<
directive module="mod_log_config">TransferLog</
directive> directives.
In addition, <
directive>LogFormat</
directive> cannot use one nickname
to define another nickname. Note, that the nickname should not contain
percent signs (<
code>%</
code>).</
p>
<
example><
title>Example</
title>
LogFormat "%v %h %l %u %t \"%r\" %>s %b" vhost_common
<
description>Specifly location of a log file</
description>
<
syntax>TransferLog <
var>file</
var>|<
var>pipe</
var></
syntax>
<
contextlist><
context>server config</
context><
context>virtual host</
context>
<
p>This directive has exactly the same arguments and effect as
the <
directive module="mod_log_config">CustomLog</
directive>
directive, with the exception that it does not allow the log format
to be specified explicitly or for conditional logging of requests.
Instead, the log format is determined by the most recently specified
<
directive module="mod_log_config">LogFormat</
directive> directive
(which does not define a nickname). Common Log Format is used if no
other format has been specified.</
p>
<
example><
title>Example</
title>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\""<
br />