ns_accesslog - Query and control access log parameters
This command controls and configures the access log. It can change settings at run-time.
Returns the path of the access log for the current virtual server.
If ?new-path? is given then the old log is closed and the log re-opened at the new location. All the components of ?new-path? must exist. If an error occurs logging will be disabled.
Roll the access log (see ns_rollfile for details). Keep maxbackup old log files around. If ?new-path? is given then it overrides the configuration parameter 'file' as the new log file.
Get the ?time-format? which is appended to the log file name when rolling. The format string is as understood by the Tcl clock command. If ?time-format? is given then it replaces any existing value.
Get the number of backup files which will be kept when log rolling is enabled. If ?keep? is given it replaces any existing value.
Return a list of the enabled logging options, or reset the list if a new set of flags is given. Valid flags are: logcombined, formattedtime, logpartialtimes, logreqtime, checkforproxy, and suppressquery. They have the same meaning as the similarly named configuration parameters.
Return a list of the HTTP header fields which will be appended to each entry in the access log. If ?new-headers? is given it replaces the existing setting.
By default, all specified header fields are request header fields (like e.g. "Referer X-Forwarded-For"). Optionally one can specify the request header fields with a prefix "request:" or "response" to denote request or response header fields. The prefix can be abbreviated to 3 characters (example: "req:Host response:Content-Type"). Note that always the request header fields are reported before the response header fields. Caveat: certain response header fields (e.g. "Date" or "Server" are not accessible this way).
Set or get the maximum number of lines to buffer before being flushed to the log file.
The nslog module is loaded per-server.
ns_section "ns/server/server1/modules" {
ns_param nslog nslog.so
}
ns_section "ns/server/server1/module/nslog" {
ns_param ...
}
The following are valid configuration parameters:
If true then the value of the X-Forwarded-For HTTP header is logged as the IP address of the client. Otherwise, the TCP peer address is logged. Only enable this if you run your own, trusted proxy server. Default: false.
Name of the driver initiating the requests. This option can be used to produce different access logs for requests submitted via different drivers to sort out e.g. local server talk. Per default, every request is logged. When a value is provided, only requests are logged in this log file when the request comes from a driver matching the provided glob pattern.
String: path to the log file. Default: access.log
A space separated list of additional HTTP headers whos value should be logged. Default: no extra headers are logged.
If true, log the time in common-log-format. Otherwise log seconds since the epoch. Default: true.
If true, log the referrer and user-agent HTTP headers (NCSA combined format). Default: true.
If true then include the high-resolution start time of the request together with partial request durations (accept, queue, filter, run) in the access log. Default: false.
If true then log the total amount of time the request took to run in seconds and milliseconds. Default: false.
Mask IP address in log file for GDPR (similar to the "anonip" IP anonymizer of the Swiss privacy foundation). When this parameter is set, all IP addresses are masked in the log file, such that the host-specific (= person-specific) information is masked out and the IP address does not match a particular individual anymore. Still, with the masking turned on, reverse DNS lookup and/or geolocation is possible. Default: false.
Mask to be used for IPv4 addresses, when masklogaddr is true. Default: 255.255.255.0
Mask to be used for IPv6 addresses, when masklogaddr is true. Default: ff:ff:ff:ff::
The number of log entries to buffer before flushing to the log file. Default: 0.
If true then the log file will be rolled. Default: true.
The hour of the day (0-23) to roll the log file if log rolling is enabled. Default: 0 (midnight).
Number of old log files to keep when log rolling is enabled. Default: 100.
If true then the log file will be rolled when the serve receives a SIGHUP signal. Default: false.
If true then the query (everything after the ? in the URL) is not logged. Default: false.
The path of the active access log.
nscp:1> ns_accesslog file /home/ns/servers/server1/modules/nslog/access.log nscp:2> ns_modulepath server1 nslog access.log /home/ns/servers/server1/modules/nslog/access.log
The access log can be rolled manually.
nscp:1> ns_accesslog roll
Extended logging options can be configured at run-time.
nscp:1> ns_accesslog flags
logCombined formattedTime
nscp:2> ns_accesslog flags {logcombined formattedtime checkforproxy}
logcombined formattedtime checkforproxy
nscp:3> ns_accesslog extendedheaders
nscp:4> ns_accesslog extendedheaders {Cookie Accept}
Cookie Accept
Example for writing multiple access logs per driver for a single server: In this example, the loopback traffic is written to a separate log file.
#
# Configure extra nssock driver for loopback traffic
#
ns_section "ns/modules" {
ns_param loopback ${bindir}/nssock
}
ns_section ns/module/loopback {
ns_param defaultserver $server
ns_param address 127.0.0.1
ns_param port 8888
}
#
# Load nslog modules twice with different names
#
ns_section ns/server/${server}/modules {
ns_param nslog ${bindir}/nslog
ns_param nslog2 ${bindir}/nslog
}
#
# Configure driver patterns (default "*")
#
ns_section ns/server/${server}/module/nslog2 {
ns_param file ${logroot}/access-loopback.log
ns_param driver "loopback"
}
ns_section ns/server/${server}/module/nslog {
ns_param file ${logroot}/access.log
ns_param driver "ns*"
}