/
Monitoring Access Logs

This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.

Monitoring Access Logs

Dec 02, 2021

HTTP access logs help you monitor information such as the persons who access the product, how many hits are received, what the errors are, etc. This information is useful for troubleshooting errors.

All WSO2 products can enable access logs for the HTTP servlet transport. This servlet transport works on 9443/9763 ports, and it receives admin/operation requests. Therefore, access logs for the servlet transport is useful for analysing operational/admin-level access details. Additionally, in WSO2 API Manager (WSO2 API-M), WSO2 Enterprise Service Bus (WSO2 ESB), and WSO2 Enterprise Integrator (WSO2 EI)  you can generate access logs for the PassThrough and NIO transport as well. The PassThrough and NIO transport works on 8280/8243 ports and is used for API/Service invocations. By default, the access logs from both the Servlet transport and the PassThrough transport are written to a common access log file located in the <API-M_HOME>/repository/logs directory.

To configure the default behaviour of HTTP access logs in WSO2 API-M, see the following topics.

Configuring access logs for the HTTP Servlet transport

The HTTP Servlet transport related access logs, logs details of the request as well as the response on a single log line.

As the runtime of WSO2 products is based on Apache Tomcat, you can use the Access_Log_Valve variable in Tomcat as explained below to configure access logs for the HTTP Servlet transport:

  1. Open the <API-M_HOME>/repository/conf/tomcat/catalina-server.xml file, which is the server descriptor file for the embedded Tomcat integration.

  2. Customize the attributes for the Access_Log_Valve variable shown below. 

    <Valve className="org.apache.catalina.valves.AccessLogValve" directory="${carbon.home}/repository/logs" prefix="http_access_" suffix=".log" pattern="combined"/>

    The attributes that are used by default are explained below. See the descriptions of the Tomcat-supported Access Log Valve attributes and customize the required values.

  3. Restart the server.
    According to the default configurations, a log file named http_access_.{DATE}.log  is created inside the <API-M_HOME>/repository/logs  directory. The log is rotated on a daily basis.

Configuring access logs for the PassThrough or NIO transports (Service/API invocation)

The PassThrough and/or NIO transport related access logs, logs the request and the response on two separate log lines.

By default, access logs related to service/API invocation are disabled for performance reasons in the above products. You should enable these access log only for troubleshooting errors. Follow the steps given below to enable access logs for the PassThrough or NIO transport:

  1. Add the following entry in the <API-M_HOME>/repository/conf/log4j.properties configuration file.

    log4j.logger.org.apache.synapse.transport.http.access=INFO

  2. Create a file named <API-M_HOME>/repository/conf/access-log.properties with the following configuration and customize it as required.
    You can customize the format of your PassThrough or NIO access logs based on the configurations in your  access-log.properties file.

    # Default access log pattern #access_log_pattern=%{X-Forwarded-For}i %h %l %u %t \”%r\” %s %b \”%{Referer}i\” \”%{User-Agent}i\” # combinded log pattern #access_log_pattern=%h %l %u %t \”%r\” %s %b \”%{Referer}i\” \”%{User-Agent}i\” access_log_pattern=time=%t remoteHostname=%h localPort=%p localIP=%A requestMethod=%m requestURL=%U remoteIP=%a requestProtocol=%H HTTPStatusCode=%s queryString=%q # common log pattern #access_log_pattern=%h %l %u %t \”%r\” %s %b # file prefix access_log_prefix=http_gw # file suffix access_log_suffix=.log # file date format access_log_file_date_format=yyyy-MM-dd #access_log_directory=”/logs”

  3. Add the following configuration in the <API-M_HOME>/repository/conf/nhttp.properties file.
    You need to add this configuration in order to make sure that the access logs related to the PassThrough and NIO transports are rotated on a daily basis. If this configuration is not set, all the access log details related to the PassThrough and NIO transports will get logged in a single file. The date will be appended to the access log when it is rotated.

    nhttp.is.log.rotatable=true

  4. Restart the server. 

  5. Invoke an API in WSO2 APIM.
    For testing purposes, use the artifacts in the quick start guide
    The access log file for the service/API will be created in the <API-M_HOME>/repository/logs directory in the following format.

    <access_log_prefix>.log 

    For example, http_gw.log file. 

Supported log pattern formats for the PassThrough or NIO transports

Attribute

Description

Attribute

Description

%a

Remote IP address

%A

Local IP address

%b

Bytes sent, excluding HTTP headers, or '-' if zero

%B

Bytes sent, excluding HTTP headers

%c

Cookie value

%C

Accept header

%e

Accept Encoding

%E

Transfer Encoding

%h

Remote host name (or IP address if enableLookups for the connector is false)

%l

Remote logical username from identd (always returns '-')

%L

Accept Language

%k

Keep Alive

%m

Request method (GET, POST, etc.)

%n

Content Encoding

%r

Request Element

%s

HTTP status code of the response

%S

Accept Chatset

%t

Date and time, in Common Log Format

%T

Content type

%u

Remote user that was authenticated (if any), else '-'

%U

Requested URL path

%v

Local server name

%V

Vary Header

%x

Connection Header

%Z

Server Header