Apache log file cookie

By default, Apache stores access and error logs in separate files on the server. The exact location depends on your operating system. You can find the location for your OS by clicking on the following links:. Apache has a highly configurable logging framework that lets you adjust logging behavior globally or for each virtual host. There are several directives you can use to change logging behavior.

Some of the more common directives are the log level and log format directives, which we will explain in greater detail. The LogLevel directive determines the minimum s everity level of events that are logged to a specific destination.

The LogFormat directive controls the layout and formatting of log events. Apache uses the Common Log Format CLF by default, but you can specify your own format string to change the fields included in each log. You can also use the CustomLog directive to change the location of the log file. You can also define a LogFormat string after the filename, which will only apply the format string to this file.

You can find a full list of fields in the Apache log documentation. We recommend using at least the following five fields, as they are important for monitoring server health and for troubleshooting issues:.

LogFormat strings can be assigned nicknames, which you can then use with a CustomLog directive to write logs using the specified format. This allows you to use the same log format for several log files without having to redefine the format each time. This is particularly useful when using different log files for multiple virtual hosts. Storing your logs as plain text makes them easy to scan in case you ever need to read your log files. However, this makes it difficult to use tools such as log management solutions to read your logs, since these tools must know how your logs are formatted.

Most log management solutions support the default Apache log format, but if not, you should consider using a structured format like JSON. JSON is also effectively self-documenting, since the name of the key describes the data that it contains. JSON supports many basic data types including strings, numbers, booleans, arrays, and null values.

Virtual Hosts vhosts are used to run more than one website on a single Apache server. You can define a separate logging configuration for each vhost, which is given priority over the global logging configuration. This lets you log each website to a separate directory, for example. Leaving these parameters out defaults to the global logging configuration. For example, the following configuration is for a vhost at example.

Logs are written to separate access. The following sections show the default configuration file locations and directives used in different Linux distributions. The Apache web server offers a number of modules that either change the way Apache works or extend its capability.

The following modules add or change the logging behavior in useful ways. This is the base logging module that Apache uses, and the one that we covered in this section of the guide. Connect and share knowledge within a single location that is structured and easy to search. I have Apache running as a proxy and I want to log the cookie string as part of the requests that come through the proxy, but I there are certain cookies I want to exclude since they contain sensitive info.

But I want to log everything except certain cookies if they exist. This works well if Foobar exists in the cookie string, but if Foobar doesn't exist, if just logs a "-", so I don't get all the other cookies. It's possible that my regex might be poor, but it seems to work in the matching case, but Apache doesn't seem to handle it right in the non-matching case. Stack Overflow for Teams — Collaborate and share knowledge with a private group.

Create a free Team What is Teams? Collectives on Stack Overflow. Learn more. How do I configure Apache to not log certain cookies? Ask Question. Asked 9 years, 1 month ago. If not, you can check to see if it loads at runtime as a DSO. Open up the httpd.

First, plan your server outage. If this web server is not in production, or if it has a low enough priority to be stopped briefly, the simplest thing to do would be to modify your configuration files, and then stop and restart Apache. If this is a high-priority production server, you may want to plan the server restart for sometime early in the morning, to minimize downtime. In any event, a backup of any configuration files to be modified is recommended.

Then, find the main Apache configuration file - this is usually called httpd. Below are the lines that should be added to the Apache configuration file: CookieTracking on CookieName Webtrends CookieExpires "6 months" These lines should be added in the appropriate place in the httpd. If this web server hosts only one web site, find the part of the configuration file labeled Main Server Configuration; if more than one site is hosted from the server, these entries may be placed in each virtual host directives section, and they need not be the same for each site.

Naturally, the name of the cookie and the expiration period may be changed, if you wish. If the CookieExpires directive is not used, cookies last only for the current browser session, which could mean Apache may issue a new cookie to returning users, erroneously logging them as unique viewers. Also, keep in mind that a valid cookie name must be specified; results are unpredictable if you use a name containing unusual characters.

Next, find the LogFormat line of your configuration file. Once again, the LogFormat may be defined globally, in the general area of the configuration file, or you may define different LogFormats for each virtual host. LogFormat uses a string of characters, enclosed in double-quotes, to specify what information you would like in your log file, and how it should appear.

This is called the escape character.