Here's my sample configuration:
frontend www-http
bind *:80
acl status_error status ge 400
http-response set-log-level err if status_error
default_backend www-backend
backend www-backend
server backend 127.0.0.1:8080
With this config, all responses with status 200 are being logged but 400 and below isn't. If I remove the acl and http-response line, then everything is logged.
I've added those lines to the default config, and I didn't touch any rsyslog configuration. I've tested this in HAProxy 1.5.8 (Debian 8) and 1.6.3 (Ubuntu 16.04).
Best Answer
(It's four years later, but perhaps still relevant.)
Using HAProxy 2.2 this approach works for me to have conditional and HTTP-only requests/connection logging on one frontend:
I chose to have
notice
level globally, as TCP backends could be very noisy if the global level isinfo
. Note thatnotice
is a higher severity level thaninfo
in syslog; that was one part confusing me at first.The condition
if { status ge 400}
is an inline expression as an example, but you could also use an ACL or some other condition of course.Relevant basics on HAProxy logging in this blog: haproxy.com/blog: Introduction to HAProxy Logging.