info
Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
apache2/iso-8601.conf: use ISO 8601 whenever possible
29 views
Skip to first unread message
Ivan Shmakov
Jul 15, 2017, 11:15:56 AM7/15/17
to
It doesn't seem that sort(1) is ought to support ordering
15/Jul/2017-style timestamps. Hence, I decided to switch my
Apache instances to use ISO-8601 timestamps in the logs, as per
the following LogFormat and ErrorLogFormat directives.
### iso-8601.conf -*- Default-Generic -*-
## Use ISO 8601 time format whenever possible.
LogFormat "%v:%p %h %l %u %{%F %T %z}t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %{%F %T %z}t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %{%F %T %z}t \"%r\" %>s %O" common
## Based on: http://httpd.apache.org/docs/2.4/mod/core.html#errorlogformat
ErrorLogFormat "[%{cu}t] [%-m:%l] [pid %P:tid %T] %7F: %E: [client\ %a] %M% ,\ referer\ %{Referer}i"
### iso-8601.conf ends here
On Debian, this goes to /etc/apache2/conf-available/iso-8601.conf
and is turned on in the usual way:
# a2enconf -- iso-8601 ; service apache2 reload
My specific use case is that I serve both HTTP and HTTPS with
the same Apache, with the respective "virtual hosts" using
separate access.log files. With ISO-8601, I can easily "merge"
these files with sort(1), like:
$ sort -r -k4,5 < /var/log/apache2/*access.log{.1,} | less -S
Or, rather, to also ignore the usual Web crawlers:
$ grep -hviE -- '(bots?|spider|slurp)\>' \
/var/log/apache2/*access.log{.1,} | sort -r -k4,5 | less -S
(I also saw 'abonti', 'crawler', 'ezooms', 'megaindex' and
'qwantify' in my logs, but not anymore.)
--
FSF associate member #7257 58F8 0F47 53F5 2EB2 F6A5 8916 3013 B6A0 230E 334A
15/Jul/2017-style timestamps. Hence, I decided to switch my
Apache instances to use ISO-8601 timestamps in the logs, as per
the following LogFormat and ErrorLogFormat directives.
### iso-8601.conf -*- Default-Generic -*-
## Use ISO 8601 time format whenever possible.
LogFormat "%v:%p %h %l %u %{%F %T %z}t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %{%F %T %z}t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %{%F %T %z}t \"%r\" %>s %O" common
## Based on: http://httpd.apache.org/docs/2.4/mod/core.html#errorlogformat
ErrorLogFormat "[%{cu}t] [%-m:%l] [pid %P:tid %T] %7F: %E: [client\ %a] %M% ,\ referer\ %{Referer}i"
### iso-8601.conf ends here
On Debian, this goes to /etc/apache2/conf-available/iso-8601.conf
and is turned on in the usual way:
# a2enconf -- iso-8601 ; service apache2 reload
My specific use case is that I serve both HTTP and HTTPS with
the same Apache, with the respective "virtual hosts" using
separate access.log files. With ISO-8601, I can easily "merge"
these files with sort(1), like:
$ sort -r -k4,5 < /var/log/apache2/*access.log{.1,} | less -S
Or, rather, to also ignore the usual Web crawlers:
$ grep -hviE -- '(bots?|spider|slurp)\>' \
/var/log/apache2/*access.log{.1,} | sort -r -k4,5 | less -S
(I also saw 'abonti', 'crawler', 'ezooms', 'megaindex' and
'qwantify' in my logs, but not anymore.)
--
FSF associate member #7257 58F8 0F47 53F5 2EB2 F6A5 8916 3013 B6A0 230E 334A
0 new messages