Apache custom-log format with regex expression

apache-2.2loggingmod-jk

We have apache webserver as "entry" for incoming traffic it then delegates to tomcats with mod_jk.

We want to log the HTTP digest username, sample header:

Authorization: Digest username="Mufasa",
                     realm="testrealm@host.com",
                     nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093",
                     ...

Unfortunately using the '%u' doesn't work as described. My guess is as we authenticate on tomcat side (apache delegates calls to tomcat with mod_jk) the own logging facility of apache doesn't know how to access the digest-username (because own auth module is bypassed).

To workaround this: Is there a custom log-format expression with regex matching for, e.g. telling to extract username="(.*?)" from 'Authorization' header and push to logs?

Best Answer

SetEnvIf Authorization username="([^"]+)" digest_username=$1
LogFormat "%h %l %{digest_username}e %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" combined_with_user
CustomLog /path/to/log combined_with_user

Haven't tested, so not sure if Apache is going to choke on the quotes in the SetEnvIf (they may need escaped) - but this should be pretty close.

Related Solutions

Ubuntu – Apache Custom Log Format

Apache server docs are your friend: http://httpd.apache.org/docs/2.1/mod/mod_log_config.html#customlog

CustomLog entries are either in the global scope or virtual hosts. In Ubuntu you should have a sites-available and sites-enabled directories. If you are not using virtual hosts, this should go in the /etc/apache2/sites-availabe/default file

As far as I can tell, you can't do custom logs per directory, but that shouldn't be too hard to do with whatever you are using to parse the apache logs

Have you given any thought to using a web platform to handle downloads and also log those downloads to a database? Apache seems cumbersome for this.

Here is an example in Myna but you can do something similar in PHP, ColdFusion, etc:

example link:

    <a href="/myna/download.sjs?f=somefile.pdf">

The download.sjs page:

    // assumes a table a called "downloads" in the database "my_app" 
    // also assumes that the user has authenticated and has auth cookie

    var downloads = new Myna.DataManager("my_app").getManager("downloads")

    //clean the filename
    var filename = $req.rawData.f.replace(/\.\.\//g,"");
    //get the data...should really check for failure here
    var data = new Myna.File("file:/var/files/" + filename).readBinary();

    //log the download to the DB
    downloads.create({
        userid:$cookie.getAuthUserId(),
        filename:f,
        ts:new Date()
    })

    //send the binary data to the browser
    $res.prinBinary(data,"application/octet-stream",filename);

Apache: Is it possible to set a default custom log format to be used by all vhosts

Are you asking just for the log format definition in one place?

In your main server config, use the LogFormat directive:

LogFormat "%v %h %l %u %t \"%r\" %>s %b" vhost_common

Note the end vhost_common is the nickname.

Then, you can specify in each vhost block to use that format for the log:

CustomLog logs/myvhost.access.log vhost_common

Best Answer

Related Solutions

Ubuntu – Apache Custom Log Format

Apache: Is it possible to set a default custom log format to be used by all vhosts

Related Topic