访问日志分析@Tomcat
我们在server.xml文件中启用了以下访问日志模式访问日志分析@Tomcat,tomcat,tomcat-valve,Tomcat,Tomcat Valve,我们在server.xml文件中启用了以下访问日志模式pattern=“%h%h%l%u%t”%r“%s%b位置:%%{location}o” 请有人帮助理解模式中的参数,然后根据下面提到的日志进行分析 10.103.62.207 HTTP/1.1 - - [03/Apr/2018:11:46:02 -0400] "GET / HTTP/1.1" 200 1150 location: - 10.103.62.207 HTTP/1.1 - - [03/Apr/2018:11:46:03 -040
pattern=“%h%h%l%u%t”%r“%s%b位置:%%{location}o”10.103.62.207 HTTP/1.1 - - [03/Apr/2018:11:46:02 -0400] "GET / HTTP/1.1" 200 1150 location: -
10.103.62.207 HTTP/1.1 - - [03/Apr/2018:11:46:03 -0400] "GET /prweb/PRServletLDAP2 HTTP/1.1" 500 2375 location: -
10.103.62.207 HTTP/1.1 - - [03/Apr/2018:11:46:03 -0400] "GET /prweb/diagnostic/status_fail.gif HTTP/1.1" 304 - location: -
10.103.64.119 HTTP/1.1 - - [03/Apr/2018:11:46:09 -0400] "GET / HTTP/1.1" 200 1150 location: -
10.103.64.119 HTTP/1.1 - - [03/Apr/2018:11:46:10 -0400] "GET /prweb/PRServletLDAP2 HTTP/1.1" 500 2375 location: -
10.103.64.119 HTTP/1.1 - - [03/Apr/2018:11:46:10 -0400] "GET /prweb/diagnostic/status_fail.gif HTTP/1.1" 304 - location: -
10.103.64.119 HTTP/1.1 - - [03/Apr/2018:11:46:10 -0400] "GET /favicon.ico HTTP/1.1" 304 - location: -
10.103.64.119 HTTP/1.1 - - [03/Apr/2018:11:46:10 -0400] "GET /favicon.ico HTTP/1.1" 200 21630 location: -
10.103.64.119 HTTP/1.1 - - [03/Apr/2018:11:46:10 -0400] "GET /favicon.ico HTTP/1.1" 206 1 location: -
10.103.64.119 HTTP/1.1 - - [03/Apr/2018:11:46:10 -0400] "GET /favicon.ico HTTP/1.1" 206 4982 location: -
10.103.64.119 HTTP/1.1 - - [03/Apr/2018:11:46:18 -0400] "GET /prweb/PRServlet HTTP/1.1" 500 2375 location: -
10.103.64.119 HTTP/1.1 - - [03/Apr/2018:11:46:18 -0400] "GET /prweb/diagnostic/status_fail.gif HTTP/1.1" 304 - location: -
10.103.62.207 HTTP/1.1 - - [03/Apr/2018:11:46:27 -0400] "GET /prsysmgmt HTTP/1.1" 302 - location: /prsysmgmt/
10.103.62.207 HTTP/1.1 - - [03/Apr/2018:11:46:28 -0400] "GET /prsysmgmt/ HTTP/1.1" 200 436 location: -
10.103.62.207 HTTP/1.1 - - [03/Apr/2018:11:46:28 -0400] "GET /prsysmgmt/getnodes.action HTTP/1.1" 200 1664 location: -
10.103.62.207 HTTP/1.1 - - [03/Apr/2018:11:46:28 -0400] "GET /prsysmgmt/js/global.js HTTP/1.1" 200 4295 location: -
10.103.62.207 HTTP/1.1 - - [03/Apr/2018:11:46:28 -0400] "GET /prsysmgmt/nodeframes.action?action=frameTop HTTP/1.1" 200 2736 location: -
10.103.62.207 HTTP/1.1 - - [03/Apr/2018:11:46:28 -0400] "GET /prsysmgmt/jsp/services2/DisplayWelcome.jsp HTTP/1.1" 200 503 location: -
10.103.62.207 HTTP/1.1 - - [03/Apr/2018:11:46:28 -0400] "GET /prsysmgmt/js/global.js HTTP/1.1" 304 - location: -
10.103.62.207 HTTP/1.1 - - [03/Apr/2018:11:46:28 -0400] "GET /prsysmgmt/js/expcollapse.js HTTP/1.1" 200 3586 location: -
10.103.62.207 HTTP/1.1 - - [03/Apr/2018:11:46:28 -0400] "GET /prsysmgmt/images/blueCollapse.gif HTTP/1.1" 200 173 location: -
10.103.62.207 HTTP/1.1 - - [03/Apr/2018:11:46:28 -0400] "GET /prsysmgmt/images/pega_home.gif HTTP/1.1" 200 663 location: -
10.103.62.207 HTTP/1.1 - - [03/Apr/2018:11:46:28 -0400] "GET /prsysmgmt/css/styles.css HTTP/1.1" 200 3080 location: -
10.103.62.207 HTTP/1.1 - - [03/Apr/2018:11:46:28 -0400] "GET /prsysmgmt/images/pega_add.gif HTTP/1.1" 200 1145 location: -
10.103.62.207 HTTP/1.1 - - [03/Apr/2018:11:46:28 -0400] "GET /prsysmgmt/css/desktop.css HTTP/1.1" 200 111141 location: -
10.103.64.119 HTTP/1.1 - - [03/Apr/2018:11:46:44 -0400] "GET / HTTP/1.1" 302 - location: https://10.100.141.21:8087/
10.103.64.119 HTTP/1.1 - - [03/Apr/2018:11:46:44 -0400] "GET / HTTP/1.1" 304 - location: -
10.103.64.119 HTTP/1.1 - - [03/Apr/2018:11:46:44 -0400] "GET /prweb/PRServletLDAP2 HTTP/1.1" 500 2375 location: -
10.103.64.119 HTTP/1.1 - - [03/Apr/2018:11:46:44 -0400] "GET /prweb/diagnostic/status_fail.gif HTTP/1.1" 304 - location: -
10.103.62.207 HTTP/1.1 - - [03/Apr/2018:11:47:14 -0400] "GET / HTTP/1.1" 302 - location: https://10.100.141.21:8087/
10.103.62.207 HTTP/1.1 - - [03/Apr/2018:11:47:14 -0400] "GET / HTTP/1.1" 304 - location: -
10.103.62.207 HTTP/1.1 - - [03/Apr/2018:11:47:14 -0400] "GET /prweb/PRServletLDAP2 HTTP/1.1" 500 2375 location: -
10.103.62.207 HTTP/1.1 - - [03/Apr/2018:11:47:14 -0400] "GET /prweb/diagnostic/status_fail.gif HTTP/1.1" 304 - location: -
10.103.64.119 HTTP/1.1 - - [03/Apr/2018:11:47:18 -0400] "GET / HTTP/1.1" 302 - location: https://10.100.141.21:8087/
10.103.64.119 HTTP/1.1 - - [03/Apr/2018:11:47:20 -0400] "GET / HTTP/1.1" 200 1150 location: -
10.103.64.119 HTTP/1.1 - - [03/Apr/2018:11:47:20 -0400] "GET /prweb/PRServletLDAP2 HTTP/1.1" 500 2375 location: -
10.103.64.119 HTTP/1.1 - - [03/Apr/2018:11:47:21 -0400] "GET /prweb/diagnostic/status_fail.gif HTTP/1.1" 304 - location: -
10.103.64.119 HTTP/1.1 - - [03/Apr/2018:11:47:28 -0400] "GET /psysmgmt HTTP/1.1" 302 - location: https://10.100.141.21:8087/psysmgmt
10.103.64.119 HTTP/1.1 - - [03/Apr/2018:11:47:30 -0400] "GET /psysmgmt HTTP/1.1" 404 1078 location: -
10.103.62.207 HTTP/1.1 - - [03/Apr/2018:12:00:44 -0400] "GET / HTTP/1.1" 304 - location: -
10.103.62.207 HTTP/1.1 - - [03/Apr/2018:12:00:45 -0400] "GET /prweb/PRServletLDAP2 HTTP/1.1" 500 2375 location: -
10.103.62.207 HTTP/1.1 - - [03/Apr/2018:12:00:45 -0400] "GET /prweb/diagnostic/status_fail.gif HTTP/1.1" 304 - location: -
10.103.62.207 HTTP/1.1 - - [03/Apr/2018:12:01:00 -0400] "GET /prweb/PRServlet HTTP/1.1" 500 2375 location: -
10.103.62.207 HTTP/1.1 - - [03/Apr/2018:12:01:00 -0400] "GET /prweb/diagnostic/status_fail.gif HTTP/1.1" 304 - location: -
10.103.62.207 HTTP/1.1 - - [03/Apr/2018:12:02:49 -0400] "GET /prweb/PRServlet HTTP/1.1" 500 2375 location: -
10.103.62.207 HTTP/1.1 - - [03/Apr/2018:12:02:49 -0400] "GET /prweb/diagnostic/status_fail.gif HTTP/1.1" 304 - location: -
模式字段在中进行了解释 看起来您正在使用的模式不是很好,尽管我们不知道您到底想要记录什么。dev服务器不是prod服务器,您可能在不同的环境中有不同的配置 我不会重复文档,但我只想说,这意味着该字段不包含任何信息。 %u仅在对用户进行身份验证时使用,而%l从未使用过。如果没有配置安全约束,可能不需要这两种约束 您正在使用location:%%{location}o记录位置,但只有在使用301或302响应重定向客户端时,服务器才会返回位置标头。这是出于什么原因?不知道 如果您不需要任何特殊的东西,通常的做法是依赖于非常著名的模式,称为common或combined,由于历史原因(跟踪用户活动的日志分析),后者是首选模式。 如文档所述,要激活其中一个,只需使用pattern=“combined”