TLUG Mailing List

Mailing List Archive

tlug.jp Mailing List tlug archive tlug Mailing List Archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [tlug] Apache: Log: how to log only certain errors?

Date: Sun, 23 Jun 2002 00:11:58 +0900

From: Stoyan Zhekov <sto@example.com>

Subject: Re: [tlug] Apache: Log: how to log only certain errors?

References: <F186pdLLe3N4vBlcI5900003b16@example.com>

Organization: ZHware Co.
> So this only works for status codes ... what about if I only want to log 
> requests between 1am and 3am and only those that returned more than 10k?

On our servers I use SetEnvIf for log splitting. For example for worms attacks:
(cmd.exe, root.exe, default.ida):

SetEnvIf   Request_URI   "cmd\.exe"   ATTACK
SetEnvIf   Request_URI   "root\.exe"   ATTACK
......

CustomLog   attack_log  common env=ATTACK
CustomLog   access_log  common env=!ATTACK

Maybe you can use this with regexp for time or size.
 
Attachment: pgp00016.pgp
Description: PGP signature

References:

Re: [tlug] Apache: Log: how to log only certain errors?
From: Jean-Christian Imbeault

Prev by Date: Re: [Re: [tlug] CVS and Japanese files]

Next by Date: Re: [tlug] Root - NO KDE

Previous by thread: Re: [tlug] Apache: Log: how to log only certain errors?

Next by thread: [tlug] preserving permissions settings

Index(es):

Date

Thread

Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links