Skip to main content
Version: 3.14.x.x LTS

Using the Apache CustomLog

You may configure additional log facilities using the CustomLog http://httpd.apache.org/docs/2.2/mod/mod_log_config.html#customlog directive of the Apache server within the navajo.xml. These log facilities may be configured on an instance .

Example:

<Server
 ...
 User="nvpuser">
 <CustomLogs>"|/opt/nevisproxy/bin/bclogmgr size=100000000 archives=5
/var/opt/nevisproxy/default/logs/custom.log" "{ \"time\": \"%t\", \"ip\": \"%h\",
\"reqF\": \"%r\", \"dTr1B\": \"%{dTr1B}e\" }"</CustomLogs>
</Server>

Conditional log

Apache's CustomLog directive may also be used to log conditionally by checking the existence of an environment variable.

The following example shows how to write a dedicated log file containing the ciphers used by clients when communicating to nevisProxy. A Lua script within the CipherTrace filter sets the lua_cipher_changed variable, whenever a log message shall be written while the CipherTraceLogger configures the log appender.

<filter>
 <filter-name>CipherTrace</filter-name>
 <filter-class>ch::nevis::isiweb4::filter::lua::LuaFilter</filter-class>
 <init-param>
  <param-name>Script.InputHeaderFunctionName</param-name>
  <param-value>cipherLock</param-value>
 </init-param>
 <init-param>
  <param-name>Script</param-name>
  <param-value>
   function cipherLock(request, response)
    currentCipher = request:getEnv("SSL_CIPHER")
    if currentCipher == nil then
     return
    end
    session = request:getSession(true)
    prevCipher = session:getAttribute("lua:cipher")
    if prevCipher == nil then
     session:setAttribute("lua:cipher", currentCipher)
     request:setEnv("lua_cipher_changed", "initial")
     request:setEnv("lua_cipher", currentCipher)
    else
     if currentCipher ~= prevCipher then
      session:setAttribute("lua:cipher", currentCipher)
      request:setEnv("lua_cipher_changed", "changed")
      request:setEnv("lua_cipher", currentCipher)
     end
    end
   end
  </param-value>
 </init-param>
</filter>

<filter>
 <filter-name>CihperTraceLogger</filter-name>
 <filter-class>ch:nevis:navajo:apglue:httpd_${HTTPD_LIB_VERSION}_x:servlet:ApacheConfigFilter</filter-class>
 <filter-lib>@PKG_HOME@/webapp/WEB-INF/lib/libApache${HTTPD_LIB_VERSION}_Servlet.so.1</filter-lib>
 <init-param>
  <param-name>ServerConfig</param-name>
  <param-value>
   CustomLog "|@PKG_HOME@/bin/bclogmgr size=100000000 archives=5 @PKG_VAR@/${PKG_INSTANCE}/logs/cipher.log" "{ \"time\": \"%t\", \"ip\": \"%h\", \"reqF\": \"%r\", \"trID\": \"%{UNIQUE_ID}e\", \"cipher\": \"%{lua_cipher}e\", \"reason\": \"%{lua_cipher_changed}e\" }" env=lua_cipher_changed
  </param-value>
 </init-param>
</filter>