LinuxQuestions.org
Latest LQ Deal: Linux Power User Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 09-03-2013, 08:57 AM   #1
DHenrique
LQ Newbie
 
Registered: Sep 2013
Posts: 2

Rep: Reputation: Disabled
httpd log files


I am trying to get a simple explaination of the difference in what is being logged in the access_log as opposed to the ssl_access_log and ssl_request_log. The server host several sites and VHosts several others. What I am trying to determine is where the administrators, web developers and or back end loggins are being recorded to get the IP of those accessing. I am not looking for web browsers who are visiting the sites hosted on the server, only logs of those accountable for the sites. The httpd log folder also containes suexec_log files and modsec_audit and debug logs. Any help would be appreciated. This is an Apache Red Hat server.
 
Old 09-03-2013, 12:16 PM   #2
BobMCT
LQ Newbie
 
Registered: Mar 2005
Location: CT USA
Distribution: SuSE/Ubuntu/Fedora
Posts: 20

Rep: Reputation: 0
Hmmm,

I'm not aware of any before logging filtering ability, but if you know your developers' and maintainer's IP addresses (and you should) you can use grep and/or awk to extract those entries from the logs. Also, it is possible and my recommendation, if you host multiple sites, to have separate log files and/or directories for each site. That keeps your housekeeping somewhat sane.

Good luck -
 
Old 09-03-2013, 12:25 PM   #3
DHenrique
LQ Newbie
 
Registered: Sep 2013
Posts: 2

Original Poster
Rep: Reputation: Disabled
Clarification for post

Thanks for the reply, but I think my question was confusing. I know all logs can be configured in any way, but if I was to tell someone the ssl_access_log documents ____________ and the access_log documents ______________, what would I tell that person.
 
Old 09-03-2013, 01:00 PM   #4
BobMCT
LQ Newbie
 
Registered: Mar 2005
Location: CT USA
Distribution: SuSE/Ubuntu/Fedora
Posts: 20

Rep: Reputation: 0
I've always used both and see the same types of entries (access & page requests) in both files. Only the non-ssl are found in the access.log (or whatever you've called it) and the ssl are found in the ssl_access.log (again, whatever you called it.

After studying the content logs for a while you will be come more familiar with what's placed in there. Also, there is a mechanism to more finely control what gets logged, either more or less. Don't forget, there are also error logs that tell a story as well.

Look through this page and page down to access.log contents
http://httpd.apache.org/docs/2.4/logs.html

Hope this helps somewhat.
 
Old 09-04-2013, 07:36 AM   #5
danstoner
LQ Newbie
 
Registered: May 2005
Location: Florida
Distribution: Lubuntu
Posts: 10
Blog Entries: 1

Rep: Reputation: 1
apache access logs

DHenrique - Without seeing into your actual conf lines that configure the logging on your server, we can only guess.

I am guessing that your access_log records web requests that came in on port 80 and ssl_access_log records requests that came in on port 443.

So, a request to http://yoursite would get logged to access_log, a request to https://yoursite would get logged to ssl_access_log. That's really the only difference... unless your config files specify different logging formats for one or the other.

Apache matches a web request to a particular vhost and if that vhost has an access log configured, the line will get logged there. If no log file is specified for a vhost, the log lines would go to the default log file (access_log).

On Red Hat flavors, start here and find out how those log files are specified.

/etc/httpd/conf/httpd.conf

- Dan Stoner
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
convert screen.log and putty.log files into linux readable files aksharb Linux - Software 1 03-20-2011 07:16 AM
logrotate httpd log files linux_bud Linux - Newbie 3 01-11-2010 05:13 AM
Does apache need to own var/log/httpd/logfiles.log Karas Linux - Newbie 2 11-26-2009 12:25 PM
var/log/httpd joeard Linux - Distributions 1 12-08-2006 08:45 PM
Can log files be time stamped? (such as FTP login and transfer log files) bripage Linux - Networking 6 08-08-2002 10:55 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 02:27 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration