General :: Syslog - Access Log Of Apache Not Working
Aug 11, 2011
I am running a syslogd on my ubuntu 10.10 system. I have a apache2 server on the same machine. I have configured my apache2.conf file to send the error logs to the local syslog server.
The config is as under :-
LogLevel notice
ErrorLog syslog:local1
I have also configured the /etc/syslog.conf as under :-
local1.info /var/log/apache2/error_logs
I have created a file in the /var/log/apache2 dir with the ownerships and permissions as under:-
-rwxrwxrwx 1 syslog adm 77 2011-08-11 18:14 /var/log/apache2/error_logs
Next I restarted the sysklogd and apache2 servers with a service command as under:-
sudo service sysklogd restart
sudo service apache2 restart
I thereafter observed the /var/log/apache2/error_logs file and found the entries for apache2 closing down and coming up as under:-
Aug 11 18:14:14 cc apache2[4940]: [notice] caught SIGTERM, shutting down
Aug 11 18:14:19 cc apache2[5282]: [notice] ModSecurity for Apache/2.5.12 [URL] configured.
Aug 11 18:14:19 cc apache2[5282]: [notice] Original server signature: Apache/2.2.16 (Ubuntu) mod_ssl/2.2.16 OpenSSL/0.9.8o
Aug 11 18:14:20 cc apache2[5285]: [notice] Apache/2.2.16 (Ubuntu) mod_ssl/2.2.16 OpenSSL/0.9.8o Microsoft-IIS/5.0 configured -- resuming normal operations
Now the problem is I donot get any other messages thereafter. So it is hardly useful. How can I increase the logged messages from apache. I tried the facility:
local1.*
Then restarted the sysklogd and apache2, but the contents of the /var/log/error_logs file remained similar. Next, I followed the link. I created the perl script for recording access logs of apache2. I then restarted the apache2 and sysklogd. when I opened my website from a browser, the access log did not work. I think I am getting something wrong with the facility value , in apache2.conf it is ErrorLog syslog:local1 ! but the script is suggesting that it should be local2 in the line 4
openlog('apache','cons','pid','local2');
I therefore changed the script to local1 in above line. But still no access log?
I am looking for an open source syslog server which accumulate the each and every log of Windows, Solaris, Linux and network devices. Currently I am using Syslog-ng which is not fulfiling my requirement in Windows clients, as I need the logs of every action which user performed after logon.
Having some memory loss i think (in my head not my pc). I have set up apache before , then changed to dsl in the last week and cant seem to get this new modem/router to work. i can get the loopback address to work, as well as the network ip. can NOT get my other machines to hit the server on the network . also no connection from outside the network from port 80. my modem is a motorola (att) ,apache2 on my toshiba laptop, amd x2, 3gigs ram.
in the directory of /var/log , i see some directory like apache2 , apt , gdm , i wonder does all these folders was made under the syslogd ? i mean do these utilities use syslogd to log their messages or they use their own systems , for example apache use syslog or use its own library?
I want to run a linux command with apache through web browser and that's is not working. and it's working properly when I execute this command through terminal, where is the problem?
NOTE: apache have the privileges to execute the command
I have a Name-based virtualhost website in Apache, what i want to do is to disable direct ip access to the site and allow only through web address (www.mysite.com, and not through xxx.xxx.xxx.xxx). Or at least show a default page / not found page
I presume this can be acomplished with Mod_Rewrite and .htaccess but i just wanted to know if there is a more global option for this
I have googled this a lot but i can only find posts related to ip host restriction rules, which is not what i want
I have web server apache on linux Centos. I can access it successfully by typing on the address bar http://localhost, 127.0.0.1 or 192.168.0.150 from the local computer server and the site loads normally with graphic. When I access the site from another computer in the same local network, I don't get the correct website. I see the site like html as text not graphic. Please see below text file output from the browser: Also I can only access the site by typing 192.168.0.150 IP address in the address bar. When I type http://localhost or 127.0.0.1, the site does not come up. Do you see what I did wrong? How can I fix this problem.
I am getting this error whenever I access the page:
Code: PHP Warning: fgets(): supplied argument is not a valid stream resource Any idea whats all about? I explored and found it permission issue. I want to put a user call paul in apache group.Any idea how can I do that?
I was unable to access my dedicated server for few minutes. I have checked the apache error logs and found below notice: [notice] caught SIGTERM, shutting down I have tried to search from Google but could not find much information about this error.
There are some log files that I wish to get some information from (Apache Access Log) but it is huge! All I need as of right now is any information from date and time A to date and time B. What commands can I use to extract this information from the access_log and put it into another file with just that information? I created a file called "access_info" by doing Code: touch access_info but I was not sure where to go from there.
I currently have an Apache Web Server running on Ubuntu 10.4 and I use a DynDNS service to make them accessible to the outside world via a domain and/or subdomain.
This works fine from access outside of the network and all subdomains resolve to the correct directory.
The problem I am having is with accessing a subdomain over my internal network.
I can access the Web Server using the server's IP address: http://192.168.1.123/ but this always takes me to the same virtual host and I don't know how to distinguish between different virtual hosts (different subdomains).
Ideally I would like to access the same subdomains using http://<subdomain>/ where <subdomain> is the same as the subdomain attached to the external domain name.
I'm looking into setting up logging for Samba that logs every file downloaded, uploaded, renamed, deleted, etc, etc. It's currently working, but I'm trying to get it to output to /var/log/samba/audit.log and it's still outputtin Here are my current settings:
I have a requirement related to the apache access log file format: When a user access my local site, http authentication will be displayed:
Code: username: saagar password: 123 I wish to have the LogFormat in the configuration file in such a way that the username and password (saagar/123 in this case) will be logged in the /var/log/apache2/mysite_access_log file. I used the %u parameter as follows: Code: LogFormat "%h %u "%r" %>s %b" common CustomLog /var/log/apache2/mydreamhome_access.log common and it works, similarly I wish the password too to be displayed in the access_log file.
i want to access to my samba shares index (or contents) trough http. something like this: [URL] i read something about aliases...i wrote this in the httpd.conf:
I have a LAMP server configured. Yesterday, I had a test.php file displaying everything fine. I transferred some files over to the new server and now I can't connect to the test page, webmin, or phpmyadmin. I think it has something to do with Apache but Im not sure what to do next. I have restarted Apache, MySql and all services are running.
I am installing Big Brother on a CentOS 5.2 running the default Apache 2.2.3. When I try to access any web page I get the following error: Forbidden You don't have permission to access /bb/ on this server. Apache/2.2.3 (CentOS) Server at fmsubbnix Port 80 So far I have:
1) Set the Directory options to FollowSymLinks 2) Verified all directory and file permissions are at 755 3) Set permissions temporarily to 777 and received same error so I am assuming the issue is in a config file somewhere 4) in hhtpd.conf verified <Files ~ "^.ht"> is correct 5) verified the "default" directory is correct (/var/www/html)
I have read and tried several ideas in posts listed on the web but to no avail and am at a loss as to what to look for next..
wants to remove everything else that (presumably) has syslog as a dependency. how do I replace the dependency on syslog with a dependency on syslog-ng?
I noticed in my system that my root partition is getting full. I found a lot of old compacted syslogfiles. Had a look at etc/sysconfig editor eg cron but could not find a setting which allows to delete files older than a month. Where and how could I influence this ? I deleted manually all syslog files older than a month. Approx 6GB
Im trying to config my intranet to be accessible from inside the network (lan) without need of password and ask for a passwd for those who are viewing from Wan ....
Today my intranet can only be accessed from Lan, external access give me an Unauthorized message, I took look around, try #irc and still can get the appropriated help, I hope that someone here could help me on that...
After NFS mounting some system folders (i.e. lib, usr) of a slave cluster node to /lib & /usr located on the master cluster server I got into some problems: I forgot Ubuntu 10.04 was installed on this particular slave node, while the master node runs 9.10. Now, I am not able to unmount these folders using umount, or restart the system using shutdown, I get some error: " /lib/libblkid.so.1: version `BLKID_2.17' not found". Is there an alternative way to unmount these NFS shares, or to restart the system to undo the mounts? The systems are located elsewhere, so just physically restarting the system would not be the preferred option.
I have a host system which is running Ubuntu and a guest system which is running Debian_squeeze on qemu VM. I need to send created traffic from Ubunto to Apache2 web server which is running on Debian. I made a bridge, and I can access internet from Debian, but this access is limited! I can just open some URLs not all of them! My question is how I can access the webserver from ubuntu?
I happened to be looking at my Apache-2.2.8 log on an Ubuntu LTS 8.04.4 system, and noticed a few lines like this: Code: 61.160.212.242 - - [06/Mar/2010:07:04:41 -0800] "GET http://218.30.115.246/ HTTP/1.1" 200 295 "-" "-" 61.160.212.242 - - [06/Mar/2010:07:05:29 -0800] "GET http://218.30.115.246/ HTTP/1.1" 200 295 "-" "-" xxx.xxx.xxx.xxx - - [06/Mar/2010:07:56:15 -0800] "GET http://218.30.115.246/ HTTP/1.1" 400 290 "-" "-"
(The third line is me telnetting to the server and trying to issue the same request. Note that I got a 400 error response, while the guy coming from 61.160.212.242 got 200s. Also, if you just open the http://218.30.114.246/ URL, you get back "hello" (nothing else, just 5 characters). I'm presently putting together a bootable CD with chkrootkit to run on the machine. (I found a thread that mentioned in passing that this was related to PHP, which I have running on that Apache server, but my Google-fu isn't strong enough to track down the original thread.) (After checking with chkrootkit: nothing unusual found.)
