[TriLUG] OT - Apache access_log ignore request

Ben Pitzer uncleben at mindspring.com
Tue Apr 6 15:21:13 EDT 2004 

Actually, there was a pretty good article in the February '04 issue of
SysAdmin magazine on using Squid as a reverse HTTP proxy, essentially
blocking out the vast majority of those requests from ever hitting your web
server, as well as the dozens of silly IIS exploit bots that are constantly
trying to get to command.exe, etc.  The article itself is not up on the
website, but I'm sure that somebody could help you find a copy, copy it for
you, or you could see it at your local University library.  Sounds like it's
exactly what you need.

Regards,
Ben Pitzer

---------------------------------------------

"Those that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
 --Ben Franklin--




> -----Original Message-----
> From: trilug-bounces at trilug.org [mailto:trilug-bounces at trilug.org]On
> Behalf Of Howard Boyd II
> Sent: Tuesday, April 06, 2004 10:17 AM
> To: trilug at trilug.org
> Subject: [TriLUG] OT - Apache access_log ignore request
>
>
> I have an application that is sending a request to my Apache server and
> the request is filling up the access_log. The entry in the access_log
> looks like:
>
> <ip of sender> - - [06/Apr/2004:10:00:09 -0400] "GET
> /servlet/STestWebServer?COMMAND=TEST HTTP/1.0" 200 3
>
> I would like to modify my httpd.conf file to ignore logging of these
> specific requests. Ideally, I would like to ignore logging any request
> of the form "/servlet/STestWebServer?COMMAND=TEST". I have modified the
> httpd.conf file as follows:
>
> # Configure to Ignore Unnecessary log records
> SetEnvIf Request_URI "/servlet/STestWebServer" ignore
> ...
>
> CustomLog /logs/http/OrderStatus/access_log common env=!ignore
>
> The above works for me but isn't the exact pattern. If I modify the
> above to:
>
> # Configure to Ignore Unnecessary log records
> SetEnvIf Request_URI "/servlet/STestWebServer?COMMAND=TEST" ignore
> ...
>
> CustomLog /logs/http/OrderStatus/access_log common env=!ignore
>
> It doesn't work. The pattern matching fails.
>
> I'm assuming this has something to do w/ special characters (the
> question mark?)? I've tried escaping things and various other tricks to
> no avail. Could someone please tell me how to match the pattern exactly?
> Thanks!
>
> Howard
>
>
> ***********************************
> *    In my dreams, your dreams come true.
> *    Song: In My Dreams
> *    Artist: Josh Turner
> *    CD: Long Black Train
> ***********************************
>
>
>
> --
> TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ  : http://trilug.org/faq/
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
> TriLUG PGP Keyring         : http://trilug.org/~chrish/trilug.asc
>
>

More information about the TriLUG mailing list