tomcat access log配置

搜诶符合你

　　To monitor who is using your server, set up HTTP access logging in
Tomcat. Every request that comes to Tomcat gets a

Setting up Logging
　　To setup access logging, edit the Tomcat server configuration file, ${tomcat_home}/conf/server.xml
and uncomment the AccessLogValve
:

        <Valve className="org.apache.catalina.valves.AccessLogValve"
directory="logs"  prefix="localhost_access_log." suffix=".txt"
pattern="common" resolveHosts="false"/>
　　By default the log files are created in the ${tomcat_home}/logs
directory and roll over to a new file at midnight.
　　The log messages can be written in either of two standard web access
log formats by setting the pattern attribute to common

or combined

.
These appear to be the ones used by web log analyseres. Other log
formats can be specified with the pattern attribute.
　　More information on the AccessLogValve and the pattern attribute can
be found on the Tomcat
Valve Configuration Reference
.

Modifying the Log Format
　　
We can extend the "common" and "combined" patterns by appending the
response time for each request. To use this, set the

• 
  common
  
  : pattern="common"
  
• 
  common plus response time
  
  : pattern="%h
  %l %u %t &quot;%r&quot; %s %b %D"
  
• 
  combined
  
  : pattern="combined"
  
• 
  combined plus response time
  
  : pattern="%h
  %l %u %t &quot;%r&quot; %s %b &quot;%{Referer}i&quot;
  &quot;%{User-Agent}i&quot; %D"
  

Using FastCommonAccessLogValve(注意：tomcat6不包含此类)

　　The FastCommonAccessLogValve
has better performance
than the AccessLogValve
. If you are running a
production system, you might consider switching to the FastCommonAccessLogValve
.
The main restriction is that only the "common" and "combined" log
formats can be used.

        <Valve className="org.apache.catalina.valves.FastCommonAccessLogValve"
directory="logs"  prefix="localhost_access_log." suffix=".txt"
pattern="common" resolveHosts="false"/>



The Logging Output
　　Here is a sample  entry from the motherlode logs, using the combined
plus response time
pattern.
　　Example log entry:

82.93.133.81 - joe [01/Jul/2007:08:44:38 -0600] "GET /thredds/dodsC/fmrc/NCEP/GFS/Global_0p5deg/offset/NCEP-GFS-Global_0p5deg_Offset_0.0
hr.dds HTTP/1.1" 200 32707 "null" "IDV/NetcdfJava/HttpClient" 2999

Example Value
Meaning


82.93.133.81
client IP address


-
not used


joe
authenticated username


[01/Jul/2007:08:44:38 -0600]
request time


"GET ..."
HTTP request verb and path


200
HTTP response code


32707
bytes transferred


"null"
Referer


"IDV/NetcdfJava/HttpClient"
client name


2999
response time in msecs

Using Web Log Analysers
　　We have used these two Web Log Analysers, but there are many others
to choose from.

• Sawmill
  commercial,
  full-featured
  
• 
  AWstats
  free