Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Access logs keep track of access to parts of the ESB profile. There are two types of access logs in the ESB:

Table of Contents

...

HTTP access logs help you monitor information such as the persons who access the product, how many hits are received, what the errors are, etc. This information is useful for troubleshooting errors.

All WSO2 products can enable access logs for the HTTP servlet transport. This servlet transport works on 9443/9763 ports, and it receives admin/operation requests. Therefore, access logs for the servert transport is useful for analysing operational/admin-level access details. Additionally, in products such as WSO2 Enterprise Service Bus, WSO2 Enterprise Integrator (and WSO2 API Manager), access logs can be generated for the PassThrough and NIO transports. The PassThrough/NIO transports works on 8280/8243 ports and is used for API/Service invocations. By default, the access logs from both the servlet transport and the PassThrough/NIO transports are written to a common access log file located in the <EI_HOME>/repository/logs/ directory.

Note

Note that access logs for the HTTP servlet transport logs details of the request as well as the response on a single log line. However, the access logs for the PassThrough transport logs the request and the response on two separate log lines.

See the topics given below to configure the default behaviour of HTTP access logs in the ESB.

Table of Contents

Configuring access logs for the HTTP servlet transport

As the runtime of WSO2 products is based on Apache Tomcat, you can use the Access_Log_Valve variable in Tomcat as explained below to configure access logs for the HTTP servlet transport:

  1. Open the <EI_HOME>/conf/tomcat/catalina-server.xml file (which is the server descriptor file for the embedded Tomcat integration) 

  2. Customize the attributes for the Access_Log_Valve variable shown below. 

    Code Block
    <Valve className="org.apache.catalina.valves.AccessLogValve" 
                   directory="${carbon.home}/repository/logs"
                   prefix="http_access_management_console_" 
                   suffix=".log"
                   pattern="combined" />

    The attributes that are used by default are explained below. See the descriptions of the Tomcat-supported Access Log Valve attributes and customize the required values.

    directoryThe path to the directory that will store the access log file. By default, this location is set to "${carbon.home}/repository/logs" in all WSO2 products.
    prefixThe prefix added to the log file's name. By default, this is "http_access_management_console_".
    suffixThe suffix added to the log file's name. By default, this is ".log".
    pattern

    The attribute defines the format for the log pattern, which consists of the information fields from the requests and responses that should be logged. The pattern format is created using the following attributes:

    • A standard value to represent a particular string. For example, "%h" represents the remote host name in the request. See the list of string replacement values supported by the Tomcat valve.

    • %{xxx}i is used to represent the header in the incoming request (xxx=header value).
    • %{xxx}o is used to represents the header in the outgoing request (xxx=header value).

    While you can use the above attributes to define a custom pattern, the standard patterns shown below can be used.

    Note that, by default, the "combined" pattern is enabled in the ESB.

  3. Restart the server. According to the default configurations, a log file named http_access_management_console_.{DATE}.log  is created inside the <EI_HOME>/repository/logs  directory. The log is rotated on a daily basis.

Configuring access logs for the PassThrough and NIO transports (Service/API invocation)

Tip

Not that the PassThrough transport is only used by WSO2 Enterprise Service Bus, WSO2 Enterprise Integrator, and WSO2 API Manager.

By default, access logs related to service/API invocation are disabled for performance reasons . If you want to enable them, change in the above products. You should enable these access log only for troubleshooting errors. Follow the steps given below to enable access logs for the PassThrough transport:

  1. Change the log level from WARN to INFO for the following entry in the <EI_HOME>/conf/log4j.properties configuration file.

    Code Block
    languagexml
    log4j.logger.org.apache.synapse.transport.http.access=INFO

Once enabled, the access logs for the service/API will be written to the <EI_HOME>/repository/logs folder. The default name of the log file is http_access_<YYYY>_<MM>_<DD>.log. For example, http_access_2016_08_20.log will be created for activity on August 20, 2016. The log is rotated on a daily basis.

  1. You can customize the format of this access log by

...

  1. changing the following

...

  1. property values in the <EI_HOME>/conf/access-log.properties configuration

...

  1. file. If this file does not exist in the product by default, you can create a new file with the following parameters.

    access_log_directory

...

  1. Add this property ONLY if you want to change the default location of the log file. By default, the product is configured to store access logs in the <EI_HOME>/repository/logs directory.
    access_log_prefix

    The prefix added to the log file's name. The default value is as follows:

    Code Block
    access_log_prefix=http_access_
    access_log_suffix

...

  1. The suffix added to the log file's name. The default value is as follows:

    Code Block
    access_log_suffix=.log
    access_log

...

  1. _file_date_format

    The date format used in access logs. The default value is as follows:

    Code Block
    access_log_file_date_format=yyyy-MM-dd

...

  1. access_log_pattern

    The attribute defines the format for the log pattern, which consists of the information fields from the requests and responses that should be logged. The pattern format is created using the following attributes:

    • A standard value to represent a particular string. For example, "%h" represents the remote host name in the request. Note that all the string replacement values supported by Tomcat are NOT supported for the PassThrough transport's access logs. The list of supported values are given below.

    • %{xxx}i is used to represent the header in the incoming request (xxx=header value).
    • %{

...

    • xxx}o is used to represents the header in the outgoing request (xxx=header value).

    While you can use the above attributes to define a custom pattern, the standard patterns shown below can be used.

...

    • "

...

    •  "%{User-Agent}i

...

    • "

...

  1. By default

...

  1. , a modified version of the Apache combined log format

...

  1. is enabled in the ESB as shown below. Note that the "X-Forwarded-For" header is appended to the beginning of the usually combined log format. This correctly identifies the original node that sent the request

...

  1. (in situations where requests go through a proxy

...

  1. such as a load balancer). The "X-Forwarded-For" header must be present in the incoming request for this to be logged.

...

  1. Code Block
    access_log_pattern=%{X-Forwarded-For}i %h %l %u %t \"%r\" %s %b \"%{Referer}i\" \"%{User-Agent}i\"

...

The Custom Logger supports the below attributes.

  1. Restart the server. 

  2. Invoke a proxy service or REST API that is deployed in the ESB. For testing purposes, use the artifacts in the quick start guide
    The access log file for the service/API will be created in the <EI_HOME>/repository/logs directory. The default name of the log file is http_access_.log.

    Tip

    Note that there will be delay in printing the logs to the log file.

Supported log pattern formats for the PassThrough and NIO transports

AttributeDescription
%a

Remote IP address

%A

Local IP address

%b

Bytes sent, excluding HTTP headers, or '-' if zero

%B

Bytes sent, excluding HTTP headers

%c

Cookie value

%C

Accept header

%e

Accept Encoding

%E

Transfer Encoding

%h

Remote host name (or IP address if enableLookups for the connector is false)

%l

Remote logical username from identd (always returns '-')

%L

Accept Language

%k

Keep Alive

%m

Request method (GET, POST, etc.)

%n

Content Encoding

%r

Request Element

%s

HTTP status code of the response

%S

Accept Chatset

%t

Date and time, in Common Log Format

%T
Content Type

Time taken to process the request in seconds.

%u

Remote user that was authenticated (if any), else '-'

%U

Requested URL path

%v

Local server name

%V

Vary Header

%x

Connection Header

%Z

Server Header

...

By default, access logs for the management console are written to the <EI_HOME>/repository/logs/http_access_management_console_<YYYY>_<MM>_<DD>.log file. It is rotated on a daily basis. To customize the management console's access log, including the location where the file is written and the format, you can edit the <EI_HOME>/conf/tomcat/catalina-server.xml file. In this file, under "Valves", you can find the following access log configuration where you can modify the org.apache.catalina.valves.AccessLogValve attributes.

Code Block
languagexml
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="${carbon.home}/repository/logs"
               prefix="http_access_management_console_" suffix=".log"
               pattern="combined" />

...