I am going through the post jetty logging and trying to figure out what is meaning of every attribute that prints
123.4.5.6 - - [27/Aug/2004:10:16:17 +0000] "GET /jetty/tut/XmlConfiguration.html HTTP/1.1" 200 76793 "http://localhost:8080/jetty/tut/logging.html" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040614 Firefox/0.8"
I am got the answers for some but still not able to figure out for some as mentioned below.
Please correct me if I am wrong for other attributes as well.
Recent versions of Jetty log requests with the CustomRequestLog
format.
Which has 2 default "NCSA" formats for output (along with a few others and the ability to customize the format)
NCSA_FORMAT
- syntax declaration of "%{client}a - %u %t \"%r\" %s %O"
EXTENDED_NCSA_FORMAT
- syntax of NCSA_FORMAT
+ " \"%{Referer}i\" \"%{User-Agent}i\""
So, according to the documentation on CustomRequestLog
, that means that the following output ...
123.4.5.6 - - [27/Aug/2004:10:16:17 +0000] "GET /jetty/tut/XmlConfiguration.html HTTP/1.1" 200 76793 "http://localhost:8080/jetty/tut/logging.html" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040614 Firefox/0.8"
is actually one of the extended NCSA formats.
Broken down like this ...
123.4.5.6
: the %{client}a
which is the request.getRemoteHost()
-
: the -
a hardcoded string of -
in Jetty, that entry would have been the "remote log name user", but since Jetty doesn't support identd, we don't have a means to fill this value out (identd is old school tech that never saw a big adoption for http)-
: the %u
which is the authenticated user name, which comes from Jetty internal APIs (eg: Request.getAuthentication()
or Authentication.getUserIdentity()
- this only works if your webapp is using Servlet security / authentication / authorization - custom authentication techniques will not have this entry filled out.[27/Aug/2004:10:16:17 +0000]
: the %t
which is the Jetty API Request.getTimeStamp()
which is set in stone when the request was finished being parsed, but before its dispatched to a handler or webapp for processing."GET /jetty/tut/XmlConfiguration.html HTTP/1.1"
: the \"%r\"
which is the raw "Request Line" used in HTTP. Which is the first line of the HTTP request. (or request.getMethod()
+ request.getOriginalURI()
+ request.getProtocol()
)200
: the %s
which is the status as committed on the response obtained from the Jetty internal API response.getCommittedMetadata().getStatus()
(this API exists because the HttpServletResponse
is mutable, and many webapps tend to modify it after it's been sent which would mean we log a value that wasn't actually sent if we used the standard servlet API here)76793
: the %O
which is the bytes sent on the network as part of the response which comes from the Jetty internal APIs response.getHttpChannel().getBytesWritten()
"http://localhost:8080/jetty/tut/logging.html"
: the \"%{Referer}i\"
which is request Referer
line (yes, it's spelled incorrectly, but there's ancient HTTP history here for why that's the case). It comes from request.getHeader("Referer")
, which can be empty in many cases."Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040614 Firefox/0.8"
: the \"%{User-Agent}i\"
is the same as above, but for the User-Agent
request header.You can customize this output in countless ways, just read the CustomRequestLog
apidoc and create a format of your own that has what you want and/or what you are looking for.