Introduction to Access Logging in Ubuntu Server
In the default Ubuntu 6.06 LAMP server, the Apache webserver does not keep an access log. Apache’s access log is useful if you want to use a program to analyze the logs, or if you are just curious. An access log generally contains details about every request, who made it, and the time every request was made. Turning on access logging is easy to do. You need to edit the /etc/apache2/apache2.conf file with a text editor. Adding this line will make Apache start logging to the default access log location in the combined log format:
CustomLog /var/log/apache2/access.log combined
For the changes to take effect you need to restart Apache. The following command will restart Apache in Ubuntu.
sudo /etc/init.d/apache2 restart
If someone has accessed the server the log will show the details. You can then view your log using the less command or any text editor:
less /var/log/apache2/access.log
Apache’s access logs can be configured however you like. You can easily change the location of the log and the log format. You can create your own log format with the LogFormat directive. The LogFormat directive takes a format string and associates it with a nickname. The example below creates a simple LogFormat with the nickname “onlyip” which will just create a list of IP addresses. (“%h” prints the IP address.) To learn more about making your own format strings see the link at the end of this post.
LogFormat "%h" onlyip
You can create a new log file by using the CustomLog directive. Here, I created a new log file by specifying a path and the nickname of the LogFormat I want to use. You can have as many access logs as you like.
CustomLog /var/log/apache2/iplist.log onlyip
Remember to restart Apache for you changes to take effect. This tutorial is just scratching the surface of what you can do with access logging in Apache on an Ubuntu Sever. For details on making your own format strings, and on general access logging see this page in the Apache docs.
Archived Comments
Nikhil
Lucid apache2 install seems to have access and error logs on by default. Guess that is a good thing..
Jakob
This is exactly what I expected to find out after reading the title tu » Introduction to Access Logging in Ubuntu Server. Thanks for informative article