Apache或实名httpd提供日志。这些日志在检测错误、攻击时非常有用。默认情况下,有两种类型的Apache日志。日志位于以下目录中。
null
日志路径
由于不同发行版的名称不同,Apache日志存储在不同的路径中。 DEB 或者apt family用这个名字 apache2 并将日志存储为 apache2 但是 这个 RPM 百胜家族使用这个名字 httpd 并将日志存储在 httpd 目录。
/var/log/httpd/
- 森托斯
- 红帽
- 软呢帽
/变量/日志/apache2/
- 乌班图
- 德比安
- 卡利
正在获取日志文件目录
可以使用Apache配置更改日志文件目录。在配置文件中查找精确的日志路径
Ubuntu、Debian、Kali
$ grep -r ErrorLog /etc/apache2
CentOS,软呢帽,红帽子
$ grep -r ErrorLog /etc/httpd
错误记录
错误日志通常与服务和http请求错误相关。对于不同的分布,存在不同的路径,但通常使用相似的路径。
我们可以读取如下错误日志。我们使用 较少的 阅读。
$ less /var/log/httpd/error_log[Wed Nov 02 10:39:21.845702 2016] [suexec:notice] [pid 11753] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 192.168.122.179. Set the 'ServerName' directive globally to suppress this message [Wed Nov 02 10:39:21.863409 2016] [auth_digest:notice] [pid 11753] AH01757: generating secret for digest authentication ... [Wed Nov 02 10:39:21.863914 2016] [lbmethod_heartbeat:notice] [pid 11753] AH02282: No slotmem from mod_heartmonitor [Wed Nov 02 10:39:21.965402 2016] [mpm_prefork:notice] [pid 11753] AH00163: Apache/2.4.6 (CentOS) PHP/5.4.16 configured -- resuming normal operations [Wed Nov 02 10:39:21.965427 2016] [core:notice] [pid 11753] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
我们也可以用grep搜索错误文件
$ grep suexec /var/log/httpd/error_log [Wed Nov 02 10:39:21.845702 2016] [suexec:notice] [pid 11753] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) [Wed Nov 02 12:02:22.495005 2016] [suexec:notice] [pid 11947] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) [Wed Nov 02 12:04:32.052658 2016] [suexec:notice] [pid 11965] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
访问日志
访问日志通常提供与http请求相关的信息,对于繁忙的站点,会生成大量的信息。访问日志将提供有关请求或访问apacheweb服务器的尝试的以下信息。
- 客户端IP地址
- 日期和时间
- 请求URI
- HTTP状态代码
- 客户端浏览器
$ less /var/log/httpd/access_log192.168.122.1 - - [02/Nov/2016:10:39:51 +0000] "GET /owncloud HTTP/1.1" 301 229 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.71 Safari/537.36" 192.168.122.1 - - [02/Nov/2016:10:39:51 +0000] "GET /owncloud/ HTTP/1.1" 200 10986 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.71 Safari/537.36" 192.168.122.1 - - [02/Nov/2016:10:39:51 +0000] "GET /owncloud/core/css/styles.css?v=ba222ded25d957b900c03bef914333cd HTTP/1.1" 200 21989 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.71 Safari/537.36" 192.168.122.1 - - [02/Nov/2016:10:39:51 +0000] "GET /owncloud/core/css/inputs.css?v=ba222ded25d957b900c03bef914333cd HTTP/1.1" 200 8973 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.71 Safari/537.36" 192.168.122.1 - - [02/Nov/2016:10:39:51 +0000] "GET /owncloud/core/css/header.css?v=ba222ded25d957b900c03bef914333cd HTTP/1.1" 200 7338 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.71 Safari/537.36" 192.168.122.1 - - [02/Nov/2016:10:39:51 +0000] "GET /owncloud/core/css/icons.css?v=ba222ded25d957b900c03bef914333cd HTTP/1.1" 200 8018 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.71 Safari/537.36" 192.168.122.1 - - [02/Nov/2016:10:39:51 +0000] "GET /owncloud/core/css/fonts.css?v=ba222ded25d957b900c03bef914333cd HTTP/1.1" 200 728 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.71 Safari/537.36"
搜索特定的HTTP状态错误
我们可以用grep像错误日志一样搜索 access_log 文件。
$ grep 404 /var/log/httpd/access_log 192.168.122.1 - - [02/Nov/2016:10:40:44 +0000] "GET /owncloud/index.php/core/preview.png?file=%2FownCloud+Manual.pdf&c=d299b7320e9d9fda4420ba86181ea2a5&x=32&y=32&forceIcon=0 HTTP/1.1" 404 - "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.71 Safari/537.36" 192.168.122.1 - - [02/Nov/2016:10:41:13 +0000] "GET /owncloud/index.php/core/preview.png?file=%2FownCloud+Manual.pdf&c=d299b7320e9d9fda4420ba86181ea2a5&x=32&y=32&forceIcon=0 HTTP/1.1" 404 - "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.71 Safari/537.36"
相关文章: 如何用Netsh命令行管理Windows防火墙?
Apache日志文件Infografic
© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
![关于”PostgreSQL错误:关系[表]不存在“问题的原因和解决方案-yiteyi-C++库](https://www.yiteyi.com/wp-content/themes/zibll/img/thumbnail.svg)
