NaviServer - programmable web server
4.99  5.0

[ Main Table Of Contents | Table Of Contents | Keyword Index ]

ns_accesslog(n) 5.0.0a nslog "NaviServer Module Commands"

Name

ns_accesslog - Query and control access log parameters

Table Of Contents

Synopsis

Description

This command controls and configures the access log of the server. The access log records all served requests of a server containing timestamp, IP address of the requester, the queried resource, the HTTP result code, the transmitted amount of data, etc. In general, it follows the more or less standardized access log file format (NCSA format, common log format) but can be influence to contain more information, useful for log file analysis, debugging and statistics.

In most cases, the access log is controlled via the parameter specified in the configuration file (see below). For example, when the server is running in reverse proxy mode, the value provided by the reverse proxy server via request header fields will be reported in the log file instead of the IP address of the physically connected host. Several parameters can be queried and altered as well at run-time via the command ns_accesslog.

COMMANDS

ns_accesslog extendedheaders ?headers?

Return a list of the HTTP header fields which will be appended to each entry in the access log. If headers is given it replaces the existing setting.

By default, all specified header fields are request header fields (like e.g., {Referer x-forwarded-for}). Optionally one can specify the request header fields with a prefix "request:" or "response" to denote request or response header fields. The prefix can be abbreviated to 3 characters (example: {req:Host response:content-type}). Note that always the request header fields are reported before the response header fields. Caveat: certain response header fields (e.g., "Date" or "Server" are not accessible this way).

ns_accesslog file ?filepath?

Sets or gets the filepath of the access log. When filepath is not provided, the command teturns the path of the access log for the current virtual server.

If filepath is given then the old log is closed and the log re-opened at the new location. All the components of filepath must exist. If an error occurs logging will be disabled.

ns_accesslog flags ?flags?

Returns a list of the enabled logging options, or reset the list if a new set of flags is given. Valid flags are: logcombined, formattedtime, logpartialtimes, logreqtime, checkforproxy, and suppressquery. They have the same meaning as the similarly named configuration parameters.

ns_accesslog maxbackup ?nrfiles?

Sets or gets the number of backup files which will be kept when log rolling is enabled. If nrfiles is given it replaces any existing value.

ns_accesslog maxbuffer ?nrlines?

Sets or gets the maximum number of lines to buffer before being flushed to the log file.

ns_accesslog roll ?filepath?

Rolls the access log (see ns_rollfile for details). Keep maxbackup old log files around. If filepath is given then it overrides the configuration parameter file as the new log file.

ns_accesslog rollfmt ?timeformat?

Sets of gets the timeformat which is appended to the log filename when rolling. The format string is as understood by the Tcl clock command. If timeformat is given then it replaces any existing value.

CONFIGURATION

The nslog module is loaded per-server.

 ns_section "ns/server/server1/modules" {
   ns_param   nslog   nslog.so
 }
 ns_section "ns/server/server1/module/nslog" {
   ns_param   ...
 }

The following are valid configuration parameters:

checkforproxy

If true then the value of the x-forwarded-for HTTP header is logged as the IP address of the client. Otherwise, the IP address of the directly connected host is logged. Default: false.

The parameter

checkforproxy

is deprecated in favor of the more general reverse proxy mode of the server.

driver

Name of the driver initiating the requests. This option can be used to produce different access logs for requests submitted via different drivers to sort out e.g. local server talk. Per default, every request is logged. When a value is provided, only requests are logged in this log file when the request comes from a driver matching the provided glob pattern.

file

String: path to the log file. Default: access.log

extendedheaders

A space separated list of additional HTTP headers whose values should be logged. Default: no extra headers are logged.

formattedtime

If true, log the time in common-log-format. Otherwise log seconds since the epoch. Default: true.

logcombined

If true, log the referrer and user-agent HTTP headers (NCSA combined format). Default: true.

logpartialtimes

If true then include the high-resolution start time of the request together with partial request durations (accept, queue, filter, run) in the access log. Default: false.

logreqtime

If true then log the total amount of time the request took to run in seconds and milliseconds. Default: false.

masklogaddr

Mask IP address in log file for GDPR (similar to the "anonip" IP anonymizer of the Swiss privacy foundation). When this parameter is set, all IP addresses are masked in the log file, such that the host-specific (= person-specific) information is masked out and the IP address does not match a particular individual anymore. Still, with the masking turned on, reverse DNS lookup and/or geolocation is possible. Default: false.

maskipv4

Mask to be used for IPv4 addresses, when masklogaddr is true. Default: 255.255.255.0

maskipv6

Mask to be used for IPv6 addresses, when masklogaddr is true. Default: ff:ff:ff:ff::

maxbuffer

The number of log entries to buffer before flushing to the log file. Default: 0.

rolllog

If true then the log file will be rolled. Default: true.

rollhour

The hour of the day (0-23) to roll the log file if log rolling is enabled. Default: 0 (midnight).

maxbackup

Number of old log files to keep when log rolling is enabled. Default: 100.

rollonsignal

If true then the log file will be rolled when the serve receives a SIGHUP signal. Default: false.

suppressquery

If true then the query (everything after the ? in the URL) is not logged. Default: false.

EXAMPLES

The path of the active access log.

nscp:1> ns_accesslog file
/home/ns/servers/server1/modules/nslog/access.log
 
nscp:2> ns_modulepath server1 nslog access.log
/home/ns/servers/server1/modules/nslog/access.log

The access log can be rolled manually.

nscp:1> ns_accesslog roll

Extended logging options can be configured at run-time.

nscp:1> ns_accesslog flags
logCombined
 
nscp:2> ns_accesslog flags {logcombined formattedtime}
logcombined formattedtime
 
nscp:3> ns_accesslog extendedheaders
 
nscp:4> ns_accesslog extendedheaders {Cookie Accept}
Cookie Accept

Example for writing multiple access logs per driver for a single server: In this example, the loopback traffic is written to a separate log file.

 #
 # Configure extra nssock driver for loopback traffic
 #
 ns_section "ns/modules" {
   ns_param loopback  ${bindir}/nssock
 }
 
 ns_section ns/module/loopback {
   ns_param	defaultserver	$server
   ns_param	address		127.0.0.1
   ns_param	port		8888
 }
 
 #
 # Load nslog modules twice with different names
 #
 ns_section ns/server/${server}/modules {
   ns_param	nslog		${bindir}/nslog
   ns_param	nslog2		${bindir}/nslog
 }
 
 #
 # Configure driver patterns (default "*")
 #
 ns_section ns/server/${server}/module/nslog2 {
   ns_param	file	  ${logroot}/access-loopback.log
   ns_param	driver 	  "loopback"
 }
 ns_section ns/server/${server}/module/nslog {
   ns_param	file	  ${logroot}/access.log
   ns_param	driver 	  "ns*"
 }

See Also

ns_log, ns_rollfile

Keywords

ipaddress, logging, module, nslog, path, reverse proxy, server built-in