2

I try to make Tomcat conditionally skip logging, so the access log isn't filled with lots of local application to application communication entries.

At the moment I have the following in server.xml:

<Valve className="org.apache.catalina.valves.RemoteIpValve" />
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="/var/log/alfresco"
prefix="tomcat.access." suffix=".log" conditionUnless="???" pattern="combined" />

As you can see, I use the RemoteIpValve to show me the X-Forwarded-For values, instead of local IP's. But to filter the actual logging, I can see I can use 'conditionUnless' in Tomcat >7.0.30 (which I use). But After lots of searches, I can't find any working example and/or more detailed instructions than those in the Tomcat documentation about this Valve (https://tomcat.apache.org/tomcat-7.0-doc/config/valve.html#Access_Log_Valve).

Can someone help me with an example and/or pointers on how to exclude the following:

  1. everything coming from IP "127.0.0.1" and/or
  2. all traffic to the application / relative URL: "/abc/.*"

Desparately, I already filled in "/abc/.*" as the value for conditionUnless (in the place of the questionmarks), but that didn't do anything.

Amit Dalal
  • 642
  • 8
  • 20
user4729922
  • 21
  • 1
  • 4
  • Did you get this figured out? Can you post your answer? – DavidGamba Jan 22 '16 at 18:11
  • I'm afraid not. No responses en couldn't find a solution myself. – user4729922 Jan 25 '16 at 12:05
  • Thanks, after reviewing different posts and this [thread](https://www.mail-archive.com/users@tomcat.apache.org/msg116396.html) I decided to do the filtering after the fact. I operate mostly as a dev ops guy and I can't add a jar file to my production servers without full regression. – DavidGamba Jan 26 '16 at 20:11

1 Answers1

2

It's easy!

Just edit server.xml, here is mine:

    <Valve className="org.apache.catalina.valves.RemoteIpValve" />
    <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
               prefix="localhost_access_log" suffix=".txt" conditionUnless="junk"
           pattern="%{x-forwarded-for}i %l %u %t &quot;%r&quot; %s %b %Ts %{uid}r &quot;%{User-Agent}i&quot;" />

I use apache mod proxy, so I wanted to replace all the 127.0.0.1 calls with the user's actual ip address. I also wanted to add the users id and user agent to the logs. Customize it however you want and display it however you want. The documentation for all the % stuff is here:

https://tomcat.apache.org/tomcat-8.5-doc/api/org/apache/catalina/valves/AbstractAccessLogValve.html

The key to your question is here: conditionUnless="junk" That is all you need to add to your AccessLogValve Valve config in server.xml to get it working.

Then all you do is create a Filter, or inside your servlet, jsp page, etc that you want to filter out, you just add the following code:

    request.setAttribute("junk", true);

For example:

class JunkFilter extends OncePerRequestFilter {

    public void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws IOException, ServletException {
        String originalUri = request.getRequestURI()
        if (originalUri.indexOf("/abc/") != -1) {
            request.setAttribute("junk", true);
        }
        if (request.getHeader('x-forwarded-host').indexOf("127.0.0.1") != -1) {
            request.setAttribute("junk", true);
        }
    }
}

Register the filter and you are all set!

If you want bonus points, add the users id to the logging:

    request.setAttribute("uid", user == null? "anon" : user.id)
Scott David Murphy
  • 421
  • 4
  • 8