On Fri, Jul 26, 2013 at 12:39:37PM -0700, Jignesh Badani wrote: > Thanks Pete, yes, post processing the log file nightly is the option I was > considering. I am doing it currently on a per request basis. But I was > hoping to avoid it if I could do it in real time by calling on B64 decode > on the cookie. I do not see the advantage in doing it in real time over post-processing. The docs are pretty clear on this too. http://httpd.apache.org/docs/2.4/logs.html#piped says As with conditional logging, piped logs are a very powerful tool, but they should not be used where a simpler solution like off-line post-processing is available. which is good advice. > Piped logs is an option I did not consider even though I am currently using > it for logs rotation. Can you suggest how I can achieve what you are > proposing w/o loosing out on the log rotation functionality. > > I have the following in my httpd config: > > ------- > CustomLog "|/opt/apache/bin/rotatelogs /opt/apache/logs/access_log 86400" > combined env=!dontlog > > #where dontlog are a couple of load balancers IP address I want to keep out > of the access logs. > > ----------- If you go against the advice in the documentation and decide to do it with piped logs just use something like CustomLog "|/path/to/filterprog | /opt/apache/bin/rotatelogs /opt/apache/logs/access_log 86400" combined env=!dontlog And remember the docs also say: Piped log processes are spawned by the parent Apache httpd process, and inherit the userid of that process. This means that piped log programs usually run as root. It is therefore very important to keep the programs simple and secure. Good luck, Pete -- Openstrike - improving business through open source http://www.openstrike.co.uk/ or call 01722 770036 / 07092 020107
Attachment:
pgpRgutG6lAqz.pgp
Description: PGP signature
|