1

I would like to know if there any way by which we can do conditional logging in apache access logs. AccessLogValve from $CATALINA_HOME/conf/server.xml

    <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
           prefix="localhost_access_log" suffix=".txt"
           pattern="%{X-Forwarded-For}i %h %l %u %t &quot;%r&quot; %s %b" />
    <Context path="" docBase="/usr/share/tomcat8/webapps/ROOT/www" reloadable="true" crossContext="true"/>

For example: I don't want to log a URL which passes sensitive information /email/somesensitve information. Is there any way I can specify this in server.xml or any other ways.

This is how we could specify in apache httpd https://www.howtoforge.com/setenvif_apache2 SetEnvIf Request_URI "^/email/token$" dontlog

Raghu K Nair
  • 3,854
  • 1
  • 28
  • 45

1 Answers1

2

The solution is to use define condition attribute in Server.xml 

<Valve className="org.apache.catalina.valves.FastCommonAccessLogValve" directory="logs" 
               prefix="access_log." suffix=".txt" pattern="common" resolveHosts="false" condition="donotLog" />

Define a RequestFilter implementing Filter

public class RequestFilter implements Filter {
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
        throws IOException, ServletException {
    try {
        if ( request instanceof HttpServletRequest){
            HttpServletRequest httpServletRequest = (HttpServletRequest)request;
            String url = getFullURL(httpServletRequest);
            //initialize pattern only once
            if (pattern == null){
                String fPattern = filterConfig.getInitParameter("donotLogPattern");
                LOGGER.info("FilterPattern {}",fPattern);
                pattern = Pattern.compile(fPattern);
            }
            //If find a pttern then set do not log condition
            if (pattern.matcher(url).find()){
                LOGGER.info("Setting donotLog attribute");
                request.setAttribute("donotLog","true");
            }
        }
      ...

Define this init-params in web.xml 

 <filter>
<filter-name>requestFilter</filter-name>
<filter-class>com.netgear.hms.config.RequestFilter</filter-class>
<init-param>
    <param-name>logParam</param-name>
    <param-value>donotLog</param-value>
</init-param>
<init-param>
    <param-name>donotLogPattern</param-name>
    <param-value>creditCard|passowrd</param-value>
</init-param>
Raghu K Nair
  • 3,854
  • 1
  • 28
  • 45