How do you tell Spring Boot to send the embedded Tomcat's access logs to stdout?

Question

In a standalone Spring Boot web application (executable jar), how do you tell Spring Boot that we want the embedded Tomcat instance's HTTP access logs to be sent to stdout?

I think you would just need to set the logging level to debug because spring and tomcat logs are set to info by default. The logs would have the fully qualified class name so you'd know the source of the log. — Rahul Sharma, Apr 21 '16 at 22:55
@RahulSharma the logging level has no impact at all on the appender output location (e.g. file, stdout, URL, etc). We need all output (including Tomcat access logs) to go to stdout. Everything exception Tomcat is easy, it is the Tomcat logs that are hard. — Les Hazlewood, Apr 22 '16 at 01:42
Sorry I thought you wanted to see 100% of the logs. And from the [docs](https://docs.spring.io/spring-boot/docs/current/reference/html/boot-features-logging.html#boot-features-logging-file-output) spring boot writes logs to console by default so I don't know why you don't see them. Also, are you using embedded tomcat? If yes, have a look at the embedded server properties [here](https://docs.spring.io/spring-boot/docs/current/reference/html/common-application-properties.html) — Rahul Sharma, Apr 22 '16 at 10:03

Sebastian · Answer 1 · 2019-02-11T15:06:43.360

37

Update 2019.02.11:

These inks should be useful to map which properties you should set in application.properties:

@acohen answer is slightly correct. If you provide the empty double quotes it won't work. I will extend his answer because I think it's important for people who don't want to mess with adding dependencies or modifying code:

config/application.properties

# here we say that we want to enable accesslog
server.tomcat.accesslog.enabled=true

# it is important to understand what the options means:
# 'directory/prefix + suffix + file-date-format' will be
# the file that tomcat will try to open.
# /dev/stdout is standard output, so we want tomcat
# to write to that fd. Then, we need to play with
# directory, prefix, suffix and file-date-format to match our desired path.
server.tomcat.accesslog.directory=/dev
server.tomcat.accesslog.prefix=stdout
server.tomcat.accesslog.buffered=false

# Don't use empty double quotes, see below
server.tomcat.accesslog.suffix=
server.tomcat.accesslog.file-date-format=

Notes

If you set file-date-format and suffix to be double quotes, you will have this error:

java.io.FileNotFoundException: /dev/stdout"""" (Permission denied)

If you don't include them in the config file, you will then be using defaults values and this error:

java.io.FileNotFoundException: /dev/stdout.2019-02-07.log (Permission denied)

If you leave them empty, then it will work.

edited Feb 11 '19 at 15:06

answered Feb 07 '19 at 05:09

Sebastian

4,770
4
42
43

I tried for undertow, it still says Failed to create access log directory 'logs'. i used server.undertow.accesslog.directory=/dev – ravthiru Feb 08 '19 at 05:16
@ravthiru I'm not familiar with undertow, maybe guessing this [doc](https://docs.spring.io/spring-boot/docs/current/api/org/springframework/boot/autoconfigure/web/ServerProperties.Undertow.Accesslog.html) the option for undertow is `dir` (because method is `getDir()`) instead of `directory`. It's just a guess, tell me how did that went :) – Sebastian Feb 09 '19 at 18:20
I'm running the app inside a docker container so I wrote to the directory /proc/1/fd with prefix "1" but for some reason it is adding "management_" before it. Failed to open access log file [/proc/1/fd/management_1] – AFP_555 Jun 10 '19 at 23:41
@AFP_555 I also run this inside docker. Not sure why `management_` is being prefixed. Sounds like a logger configuration. Do you have a working example? – Sebastian Jun 11 '19 at 02:34
@Sebastian It showed that error but afterwards everything was working as expected. Although it would be nice not to see that error. I think the cause is that we are using the "management.*" configurations of the embedded server. – AFP_555 Jun 11 '19 at 03:40
I can confirm that the management was happening because of the management.* configurations in the embedded server. It has all the access logs of the management endpoints (mainly /actuator/health) – AFP_555 Jun 24 '19 at 06:10
1

Just a note: this is not cross-platform compatible and is Linux-specific. @JohanB's answer (using the newer `TomcatServletWebServerFactory` instead) works on all platforms. – Les Hazlewood Feb 24 '20 at 18:02
@LesHazlewood then stop using windows for serving APIs :) – Sebastian Feb 25 '20 at 18:37
@Sebastian I don't lol, but it's good to know it's not platform-independent like most Java solutions ;) – Les Hazlewood Feb 25 '20 at 19:05
not sure about the last statement. If you ask out there, there's only a few devs/engineers that uses Java just because portability. Most of them uses java because is the only thing they know. And now, with docker you also eliminate that thing. API portability layer is: docker. – Sebastian Feb 25 '20 at 19:21
If you are looking for server.xml solution `` This is xml equivalent to this answer. – arulraj.net Feb 13 '22 at 23:44

JohanB · Accepted Answer · 2018-05-02T10:56:21.507

17

If you use Logback, you can use logback-access for this.

Add dependency ch.qos.logback:logback-access

Optional Javaconfig to add TeeFilter (request & response logging):

@Bean(name = "TeeFilter")
public Filter teeFilter() {
    return new ch.qos.logback.access.servlet.TeeFilter();
}

Javaconfig for embedded tomcat:

@Bean
public EmbeddedServletContainerFactory servletContainer() {
    TomcatEmbeddedServletContainerFactory tomcat = new TomcatEmbeddedServletContainerFactory();

    // put logback-access.xml in src/main/resources/conf
    tomcat.addContextValves(new LogbackValve());

    return tomcat;
}

Contents for logback-access.xml (save in src/main/resources/conf)

<configuration>
  <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
    <encoder>
      <Pattern>combined</Pattern>
      <Pattern>%fullRequest%n%n%fullResponse</Pattern>
    </encoder>
  </appender>

  <appender-ref ref="STDOUT" />

</configuration>

edited May 02 '18 at 10:56

answered Apr 22 '16 at 09:55

JohanB

2,068
1
15
15

We do indeed use Logback and already have used the console appender :) The missing piece was the `TomcatEmbeddedServletContainerFactory` bean config. Great answer! – Les Hazlewood Apr 24 '16 at 02:33
In Spring Boot, it will attempt to find the valve filename as a classpath resource - if "src/main/resources" is in your filename literal, it won't be able to find it. – Michael Apr 27 '18 at 15:50
A better way is to put the `logback-access.xml` file under `src/main/resources/conf`. From the docs: By default, LogbackValve looks for a configuration file called logback-access.xml, in the same folder where server.xml is located, that is in $TOMCAT_HOME/conf/. – JohanB May 02 '18 at 10:53

score 9 · Answer 3 · answered Dec 07 '18 at 17:50

9

This did it for me on Spring Boot 2.x:

server.tomcat.accesslog.enabled=true
server.tomcat.accesslog.directory=/dev
server.tomcat.accesslog.prefix=stdout
server.tomcat.accesslog.buffered=false
server.tomcat.accesslog.suffix=""
server.tomcat.accesslog.file-date-format=""

answered Dec 07 '18 at 17:50

okrunner

3,083
29
22

are you running this on pivotal/ cf? – Madhusudanan K K C Mar 04 '20 at 13:43
Full example with `application.yml`: https://stackoverflow.com/a/62002598/8718377 – veben May 25 '20 at 12:46

score 4 · Answer 4 · answered Jun 19 '18 at 19:52

4

Here's the followup up on the great answer from JohanB, for Spring Boot 2.0.0+.

In Spring Boot 2.0.0, the EmbeddedServletContainerFactory was replaced with TomcatServletWebServerFactory. All other aspects of JohanB's answer still works correctly the factory bean creation just needs to be modified:

@Bean
public TomcatServletWebServerFactory servletContainer() {
    TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory();
    // put logback-access.xml in src/main/resources/conf
    tomcat.addContextValves(new LogbackValve());
    return tomcat;
}

answered Jun 19 '18 at 19:52

Chris Paika

89
4

How to use this? i.e., where I put it? – Evandro Coan Jul 17 '20 at 01:39
You have to put it in a Java class, with @Configuration annotated on the class so Spring loads the beans defined within it – Chris Paika Jul 18 '20 at 13:50

score 3 · Answer 5 · edited Apr 07 '23 at 19:10

JohanB's solution works, but if you don't want to write code, someone did it better and wrapped Server access logs in a nice Spring Boot starter. It covers Tomcat, Jetty and Undertow.

Just add the dependency:

<dependency>
    <groupId>net.rakugakibox.spring.boot</groupId>
    <artifactId>logback-access-spring-boot-starter</artifactId>
    <version>2.7.1</version>
</dependency>

And a logback-access.xml file at the classpath root:

<configuration>
    <appender name="CONSOLE" class="ch.qos.logback.core.ConsoleAppender">
        <encoder>
            <pattern>common</pattern>
        </encoder>
    </appender>
    <appender-ref ref="CONSOLE" />
</configuration>

and the access logs are printed to stdout:

127.0.0.1 - - [08/févr./2019:11:23:30 +0100] "GET /password HTTP/1.1" 200 32

At this point you will need to create the TeeFilter Bean on your own if you want to print the full HTTP request & response for debugging.

Link does not work anymore – user871611 Mar 08 '23 at 10:50 — user871611, Mar 08 '23 at 10:50

How do you tell Spring Boot to send the embedded Tomcat's access logs to stdout?

5 Answers5

Update 2019.02.11:

config/application.properties

Notes

Linked