You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@subversion.apache.org by km...@rockwellcollins.com on 2012/09/11 23:45:22 UTC
Limiting Subversion noise in apache logs
I've always been slightly annoyed with Apache 401 "unauthorized" log
entries
when accessing a Subversion repository. I realize these are part of the
standard authentication "handshake" via the http protocol.
(Always ask anonymously first...)
I also realize that mod_dav_svn can now provide a custom log file, but I
like
my apache logs. On a busy server, these can get to be tens of gigabytes
per
day. I'm not aware of a way to limit log entries based upon return status
codes...
As a test, I think I have been able to abuse the rewrite_module to get rid
of these apache 401 log entries and I was wondering if any
Apache/Subversion
gurus could poke holes in why this either doesn't work or shouldn't be
used:
<IfModule rewrite_module>
# Do not log authentication required responses
RewriteEngine On
RewriteCond %{REQUEST_METHOD} OPTIONS
RewriteCond %{LA-U:REMOTE_USER} =""
RewriteCond %{REQUEST_URI} !-U
RewriteRule .* - [Last, ENV=dontlog:1]
</IfModule>
<IfModule log_config_module>
LogFormat "%h %l %u %t \"%r\" %>s %b" common
CustomLog "logs/access.log" common env=!dontlog
</IfModule>
I'm aware the sub-request for the last RewriteCond line is expensive. I'm
hopeful the other RewriteCond lines would short circuit most of the server
accesses. Does Subversion create any connections with something
other than an initial OPTIONS request? I only trivially tested neon. I
added
that condition as a hopeful performance improvement.
And yes, as I stated above, I realize Subversion can create it's own
custom log, but using that removes the fun in this experiment...
Kevin R.
Re: Limiting Subversion noise in apache logs
Posted by km...@rockwellcollins.com.
> I have not tried it, but couldn't you do this easier by using the
> Apache piped logs feature? Just send the log entries via a pipe to
> a script that filters out any entries you do not want in the log. I
> am not positive, but your script might even be able to write the
> entries you filter into a different file.
>
> Example: http://www.sudleyplace.com/pipederrorlogs.html
This is an option, but I'm already piping logs to cronolog for log
rotation.
I was also trying to come up with a multi-platform approach, since I
wanted to support both Windows and Unix. I've found the Windows
piped logs to get a little temperamental if you try and get too fancy...
Kevin R.
> On Tue, Sep 11, 2012 at 5:45 PM, <km...@rockwellcollins.com> wrote:
> I've always been slightly annoyed with Apache 401 "unauthorized" log
entries
> when accessing a Subversion repository. I realize these are part of the
> standard authentication "handshake" via the http protocol.
> (Always ask anonymously first...)
>
> I also realize that mod_dav_svn can now provide a custom log file, but I
like
> my apache logs. On a busy server, these can get to be tens of gigabytes
per
> day. I'm not aware of a way to limit log entries based upon return
status
> codes...
>
> As a test, I think I have been able to abuse the rewrite_module to get
rid
> of these apache 401 log entries and I was wondering if any
Apache/Subversion
> gurus could poke holes in why this either doesn't work or shouldn't be
used:
>
>
> <IfModule rewrite_module>
> # Do not log authentication required responses
> RewriteEngine On
> RewriteCond %{REQUEST_METHOD} OPTIONS
> RewriteCond %{LA-U:REMOTE_USER} =""
> RewriteCond %{REQUEST_URI} !-U
> RewriteRule .* - [Last, ENV=dontlog:1]
> </IfModule>
>
> <IfModule log_config_module>
> LogFormat "%h %l %u %t \"%r\" %>s %b" common
> CustomLog "logs/access.log" common env=!dontlog
> </IfModule>
>
>
> I'm aware the sub-request for the last RewriteCond line is expensive.
I'm
> hopeful the other RewriteCond lines would short circuit most of the
server
> accesses. Does Subversion create any connections with something
> other than an initial OPTIONS request? I only trivially tested neon. I
added
> that condition as a hopeful performance improvement.
>
> And yes, as I stated above, I realize Subversion can create it's own
> custom log, but using that removes the fun in this experiment...
>
> Kevin R.
>
>
> --
> Thanks
>
> Mark Phippard
> http://markphip.blogspot.com/
Re: Limiting Subversion noise in apache logs
Posted by Mark Phippard <ma...@gmail.com>.
I have not tried it, but couldn't you do this easier by using the Apache
piped logs feature? Just send the log entries via a pipe to a script that
filters out any entries you do not want in the log. I am not positive, but
your script might even be able to write the entries you filter into a
different file.
Example: http://www.sudleyplace.com/pipederrorlogs.html
On Tue, Sep 11, 2012 at 5:45 PM, <km...@rockwellcollins.com> wrote:
> I've always been slightly annoyed with Apache 401 "unauthorized" log
> entries
> when accessing a Subversion repository. I realize these are part of the
> standard authentication "handshake" via the http protocol.
> (Always ask anonymously first...)
>
> I also realize that mod_dav_svn can now provide a custom log file, but I
> like
> my apache logs. On a busy server, these can get to be tens of gigabytes
> per
> day. I'm not aware of a way to limit log entries based upon return status
> codes...
>
> As a test, I think I have been able to abuse the rewrite_module to get rid
> of these apache 401 log entries and I was wondering if any
> Apache/Subversion
> gurus could poke holes in why this either doesn't work or shouldn't be
> used:
>
>
> <IfModule rewrite_module>
> # Do not log authentication required responses
> RewriteEngine On
> RewriteCond %{REQUEST_METHOD} OPTIONS
> RewriteCond %{LA-U:REMOTE_USER} =""
> RewriteCond %{REQUEST_URI} !-U
> RewriteRule .* - [Last, ENV=dontlog:1]
> </IfModule>
>
> <IfModule log_config_module>
> LogFormat "%h %l %u %t \"%r\" %>s %b" common
> CustomLog "logs/access.log" common env=!dontlog
> </IfModule>
>
>
> I'm aware the sub-request for the last RewriteCond line is expensive. I'm
> hopeful the other RewriteCond lines would short circuit most of the server
> accesses. Does Subversion create any connections with something
> other than an initial OPTIONS request? I only trivially tested neon. I
> added
> that condition as a hopeful performance improvement.
>
> And yes, as I stated above, I realize Subversion can create it's own
> custom log, but using that removes the fun in this experiment...
>
> Kevin R.
>
--
Thanks
Mark Phippard
http://markphip.blogspot.com/