HTTP access logging
You can configure access log settings for HTTP endpoints. An HTTP access log contains a record of all inbound client requests that are handled by HTTP endpoints.
You can enable access logging in the Open Liberty Server in two modes, a single log for multiple endpoints or one log for each endpoint. If you do not specify attributes, the defaults are used. To see a list of the default attributes, see httpAccessLogging.
HTTP access log settings
You can configure HTTP access log settings either for multiple endpoints that share common log settings or for individual endpoints.
Settings for a common log
To enable logging for multiple endpoints with common settings, include httpAccessLogging
as a top-level element in your server.xml
file. Reference this element from multiple httpEndpoint
elements, as shown in the following example.
<httpAccessLogging id="accessLogging"/>
<httpEndpoint id="defaultHttpEndpoint" accessLoggingRef="accessLogging" httpPort="9080" httpsPort="9443"/>
<httpEndpoint id="otherHttpEndpoint" accessLoggingRef="accessLogging" httpPort="9081" httpsPort="9444"/>
Settings for distinct logs for each endpoint
To enable logging for individual endpoints, use an accessLogging
child element and specify a file path that does not conflict with other logs, as shown in the following example.
<httpEndpoint id="defaultHttpEndpoint" httpPort="9080" httpsPort="9443">
<accessLogging filepath="${server.output.dir}/logs/http_defaultEndpoint_access.log"/>
</httpEndpoint>
HTTP access log format
Use the accessLogFormat
property to specify the information and format you want to include in the NCSA access log for an HTTP transport channel. The value for this property is a space-separated list of options.
Specify the log format string with the logFormat
attribute of httpAcccessLogging
or accessLogging
elements in the server.xml
file, as shown in the following examples.
In the following server.xml
file example, The logformat
attribute for the httpAcccessLogging
element specifies the log format string. Multiple endpoints can specify this string by referencing the accessLogging
configuration ID.
<httpAccessLogging id="accessLogging" logFormat='%h %u %{t}W "%r" %s %b %D %{R}W'/>
In the following server.xml
file example, the logformat
attribute for the accessLogging
subelement specifies the log format string for a specific endpoint that is defined in the httpEndpoint
element.
<httpEndpoint id="defaultHttpEndpoint" httpPort="9080" httpsPort="9443">
<accessLogging filepath="${server.output.dir}/logs/http_defaultEndpoint_access.log"
logFormat='%h %i %u %t "%r" %s %b %D %{R}W' />
</httpEndpoint>
The following table lists the available log format options.
Log format option | Description |
---|---|
%a | The remote IP address |
%A | The local IP address |
%b | The response size in bytes excluding the headers |
%B | The response size in bytes excluding the headers. If no value is found, |
%{CookieName}C or %C | The request cookie that is specified within the brackets. If the brackets are not included, print all of the request cookies. |
%D | The elapsed time of the request, in microseconds |
%h | The remote host |
%i or %{HeaderName}i | The |
%m | The request method |
%o or %{HeaderName}o | The |
%q | Output the query string with any password masked |
%r | The first line of the request |
%{remote}p | The ephemeral port of the client that made the request |
%{R}W | Service time of the request from the moment the request is received until the first set of bytes of the response is sent - millisecond accuracy, microsecond precision |
%s | The status code of the response |
%t | The start time of the request, in NCSA format |
%{t}W | The end time of the request, in NCSA format |
%u | The remote user according to the Open Liberty-specific |
%U | The URL Path, not including the query string |
Each option can be enclosed in quotation marks, but the quotation marks are not required. Unless otherwise noted, a value of -
is printed for an option if the requested information cannot be obtained for that option.
The order that you specify the options determines the format of this information in the log. For example, you might specify the following directives as the value for the accessLogFormat
property:
%h %i %u %t "%r" %s %b %D %{R}W
Based on this setting, the NCSA access log includes the following information for each request in the specified order:
The remote host
The HeaderName header value from the request
The remote user according to the WebSphere Specific $WSRU header
The NCSA format of the start time of the request
The first line of the request
The status code of the response
The response size in bytes excluding headers
The elapsed time of the request in microseconds, end-to-end, including client and network time
The elapsed time in microseconds until the first bytes of the response are sent. This value is often a close approximation of application response time.
Time-based HTTP access log rollover
You can enable time-based periodic rollover of your HTTP access log file by specifying a log rollover start time and a log rollover interval duration. The specified rollover start time is the time of day when the HTTP access log file first rolls over. The rollover interval duration is the time interval between consecutive HTTP access log file rollovers.
For example, a server with a rollover start time of midnight and a rollover interval of 1 day rolls over the HTTP access log once every day, at midnight.
Enable time-based rollover of your HTTP access log file by using the rolloverStartTime
and rolloverInterval
attributes of the httpAcccessLogging
or accessLogging
elements in the server.xml
file. The following table lists the two attributes, their respective descriptions, and their permitted values.
Time-based log rollover attribute | Description |
---|---|
| Use this setting alone or with the |
| Use this setting alone or with the |
The following examples demonstrate how to enable time-based periodic rollover for the HTTP access log file in the httpAcccessLogging
and accessLogging
elements. The rolloverStartTime
attribute is set to midnight and the rolloverInterval
attribute is set to 1 day.
In the following server.xml
file example, the rolloverStartTime
and rolloverInterval
attributes for the httpAcccessLogging
element specify the log rollover start time and interval for multiple endpoints that reference the accessLogging
configuration ID.
<httpAccessLogging id="accessLogging`" rolloverStartTime="00:00" rolloverInterval="1d"/>
In the following server.xml file example, attributes for the accessLogging
subelement specify configuration for a specific endpoint that is defined in the httpEndpoint
element. The rolloverStartTime
and rolloverInterval
attributes specify the log rollover start time and interval for the endpoint.
<httpEndpoint id="defaultHttpEndpoint" httpPort="9080" httpsPort="9443">
<accessLogging filepath="${server.output.dir}/logs/http_defaultEndpoint_access.log"
rolloverStartTime="00:00" rolloverInterval="1d" />
</httpEndpoint>