Preventing Apache from logging HAProxy requests

apache-2.2haproxy

I have two HAProxy VMs and two Apache VMs (vagrant machines) as follows.

192.168.50.11 HAPROXY VM1
192.168.50.12 HAPROXY VM2
192.168.50.21 APACHE VM1
192.168.50.22 APACHE VM2

The problem I'm having is the Apache access.log file is growing every second, because both HAProxy servers are pinging both Apache servers even when there is no request from any client. I need to stop recording unnecessary logs like shown below. I have the keepalived service running on both HAProxy servers.

$sudo tail -f /var/log/apache2/access.log

192.168.50.11 - - [09/Jul/2016:12:46:49 +0000] "OPTIONS / HTTP/1.0" 200 180 "-" "-"
192.168.50.11 - - [09/Jul/2016:12:46:51 +0000] "OPTIONS / HTTP/1.0" 200 180 "-" "-"
192.168.50.12 - - [09/Jul/2016:12:46:51 +0000] "OPTIONS / HTTP/1.0" 200 180 "-" "-"
192.168.50.11 - - [09/Jul/2016:12:46:51 +0000] "OPTIONS / HTTP/1.0" 200 180 "-" "-"
192.168.50.11 - - [09/Jul/2016:12:46:53 +0000] "OPTIONS / HTTP/1.0" 200 180 "-" "-"
192.168.50.12 - - [09/Jul/2016:12:46:53 +0000] "OPTIONS / HTTP/1.0" 200 180 "-" "-"
192.168.50.11 - - [09/Jul/2016:12:46:53 +0000] "OPTIONS / HTTP/1.0" 200 180 "-" "-"
192.168.50.11 - - [09/Jul/2016:12:46:55 +0000] "OPTIONS / HTTP/1.0" 200 180 "-" "-"
192.168.50.12 - - [09/Jul/2016:12:46:55 +0000] "OPTIONS / HTTP/1.0" 200 180 "-" "-"
192.168.50.11 - - [09/Jul/2016:12:46:55 +0000] "OPTIONS / HTTP/1.0" 200 180 "-" "-"
.......
.......

These are not actual requests from anyone.

haproxy.cfg

global
    log /dev/log local0
    log 127.0.0.1 local1 notice
    user haproxy
    group haproxy
    maxconn 2000
    daemon

defaults
    log global
    mode http
    option httplog
    option dontlognull
    retries 3
    timeout connect 5000
    timeout client 50000
    timeout server 50000

frontend http-in
    bind 192.168.50.10:80
    default_backend webservers

backend webservers
    balance roundrobin
    stats enable
    stats auth admin:admin
    stats uri /haproxy?stats
    option httpchk
    option forwardfor
    option http-server-close
    server webserver1 192.168.50.21:80 check
    server webserver2 192.168.50.22:80 check

Best Answer

The trick is to set an environment flag for certain requests with the SetEnvIf directive and then instruct Apache to not log requests matching that:

SetEnvIf Request_URI \.gif do-not-log-this-request
SetEnvIf Remote_Addr "192\.168\.50\.11" do-not-log-this-request
SetEnvIf Request_Method OPTIONS do-not-log-this-request

CustomLog logs/access_log common env=!do-not-log-this-request
Related Topic