Logs and Monitoring for Apache Servers | Page 5 | WebReference

Logs and Monitoring for Apache Servers | Page 5


[previous]

Logs and Monitoring for Apache Servers

Merging and Splitting Log Files

When you have a cluster of web servers serving the same content, it is often necessary to merge logs from all servers into a unique log file before passing it to analysis tools. Similarly, if a single Apache server handles several virtual hosts, sometimes it is necessary to split a single log file into different files, one per each virtual host. This can be done at the web server level, as explained in the next section, or by post-processing the log file. Both Apache 1.3 and 2.x come with a support script file named split-logfile. It can be found in the support/ directory of the Apache source distribution.

The logtool project provides a collection of log manipulation tools, and can be found at https://www.coker.com.au/logtools/.

The vlogger tool allows splitting a single log stream into several virtualhost-specific log files, as well as being able to replace tools such as cronolog, as explained in a previous section. It can be found at https://n0rp.chemlab.org/vlogger/.

Keeping Separate Logs for Each Virtual Host

You can keep separate access logs for each virtual host using a CustomLog directive inside each <virtualhost> section, as shown in the example.

You can also choose to log the operations of all virtual hosts in the access_log defined in the global server context:

%v will log the name of the virtual host that serves the request. You can then use the tools described in the previous section to process the resulting log file. This may be necessary if you have a large number of virtual hosts.

If you don't want to keep track of the operations of a particular host at all, you can simply use

Common Log Entries

In addition to the information provided in Chapter 2, this section describes a number of log entries for some common errors that you may find when you review your log files. You can safely ignore most of them.

File favicon.ico Not Found

Most recent web browsers support displaying a custom icon next to the browser's location bar or when storing a bookmark. To do so, the browser requests a specific file from the website (favicon.ico). If this file is not present, you will get this error. You can learn more about how to provide this icon in your website in Chapter 1.

File robots.txt Not Found

The robots.txt file is a file requested by certain programs, such as automatic downloaders and web crawlers, when accessing your website. These are programs that scan websites, recursively following and downloading any links that they find. They are usually associated with search engines, and their main purpose is to store and index the retrieved contents. If the robots.txt file is not present, you will get this error.

httpd.pid Overwritten

On Unix systems, the httpd.pid file contains the PID (process id) for the Apache process currently running. It is created when Apache starts and deleted when it shuts down. When Apache does not have a clean shutdown, for example because the server had to be killed manually or the machine crashed, the file will not be deleted. In this case, it will still be present the next time the server starts, giving this error.

Long, Strange Requests

You may find strange requests such as the following in your error log:

Or requests for executable files that do not exist in your website, such as cmd.exe, root.exe, dir, and so on.

There are log entries that result from automated attempts to exploit vulnerabilities in web servers. Luckily, most of them are generated by worms or other malicious applications specific to Microsoft Internet Information Server on Windows, and Apache is not affected. However, from time to time, flaws are discovered in Apache that could leave it vulnerable to remote attacks. For this reason, you should always keep your Apache server up to date, as described in Chapter 6.


This chapter titled, "Logs and Monitoring", is excerpted from the book, Apache Phrasebook, authored by Daniel Lopez (pages 43-58); ISBN 0-672-32836-4; Copyright 2006 by Sams Publishing. Reprinted with permissions from Pearson Education. All rights reserved. A complete Table of Contents is available.


[previous]

URL: