What do you think? Discuss, post comments, or ask questions at the end of this article [More about me]

Problem

Apache logs are an excellent resource for monitoring and auditing server activity and requests.  However, often there are certain requests that you might not want to log.  For example, on my confluence server when using synchrony for collaborative editing, Apache logs like crazy.  The following is how you can configure apache to not log certain requests.

Solution

You can use SetEnvIf to designate certain requests (or string parts of requests) by some indicator, and then instruct apache to log all requests that DO NOT match said indicator.

First we'll need to modify apache config.  Depending on your setup, you might modify /etc/apache2/apache.conf or you might modify the .conf file that defines your log (when using a CustomLog for example).  On my server setup, I use a CustomLog to log access and requests.  Hence, I needed to modify

/etc/apache2/conf-available/other-vhosts-access-log.conf

Where other-vhosts-access-log.conf is the apache conf file that defines my log format etc.

Use vim (or another text editor) to modify your log format:

sudo vim /etc/apache2/conf-available/other-vhosts-access-log.conf

You'll now need to use SetEnvIf to designate certain requests by some indicator.  See below for an example of which designates certain request URI's as "is-nolog""

/etc/apache2/conf-available/other-vhosts-access-log.conf
# do not log the following
SetEnvIf Request_URI "^/chat/heartbeat.action" is-nolog=1
SetEnvIf Request_URI "^/chat/getonlineuser.action$" is-nolog=1
SetEnvIf Request_URI "^/synchrony/" is-nolog=1
SetEnvIf Request_URI "^/json/startheartbeatactivity.action$" is-nolog=1
SetEnvIf Request_URI "^/crowd/rest/usermanagement/1/config/cookie$" is-nolog=1
SetEnvIf Request_URI "^/s/" is-nolog=1

SetEnvIf User-Agent "(internal dummy connection)" is-nolog=1
SetEnvIf Remote_Addr "^10\.0\.0\.138" is-nolog=1

# Define an access log for VirtualHosts that don't define their own logfile
CustomLog ${APACHE_LOG_DIR}/access.log vhost_combined env=!is-nolog

# vim: syntax=apache ts=4 sw=4 sts=4 sr noet

Each Request_URI line uses a simple regex expression (the ^ character looks for request segments starting with the following text, and the $ character means that request string ends here) to identify the request patterns to mark as is-nolog.

Note that we simply need to then append "env=!is-nolog" to tell the CustomLog not to log the previously designated "is-nolog" patterns.

Note also that you can match other request properties as well (such as host, user-agent, referrer etc.).  See here for more information on that.

Finally, we need to reload or restart apache:

Reloading apache2 service on Ubuntu (for example)
sudo service apache2 reload

Reference

  1. https://www.howtoforge.com/setenvif_apache2
  2. https://serverfault.com/questions/213668/ignore-heartbeat-in-apache-access-logs