You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Abhijit Das <ab...@icloud.com> on 2016/05/25 20:03:45 UTC
JSON Logging of Tomcat Access Log.
I am wanting to change the access logging format to JSON (for easier parsing with logstash)
I currently have the following config in my server.xml … How would i change this to JSON formatted?
<Valve className="org.apache.catalina.valves.RemoteIpValve"
internalProxies="1\.1\.1\.1"
trustedProxies="1\.1\.1\.1"
remoteIpHeader="X-Forwarded-For"
proxiesHeader="x-forwarded-by"
requestAttributesEnabled="true"/>
<Valve className="org.apache.catalina.valves.AccessLogValve"
directory="logs"
prefix="localhost_access_log"
suffix=".txt"
pattern="%t %h %{X-AUSERNAME}o %{Referer}i %l %S %{User-Agent}i %U %s %r %q %A %v %p %b %I %D"
requestAttributesEnabled="true"
resolveHosts="false"/>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: JSON Logging of Tomcat Access Log.
Posted by Rajesh Cherukuri <ra...@gmail.com>.
you can use grok to covert to JSON that is how i have done it
On Wed, May 25, 2016 at 9:03 PM, Abhijit Das <ab...@icloud.com> wrote:
> I am wanting to change the access logging format to JSON (for easier
> parsing with logstash)
>
> I currently have the following config in my server.xml … How would i
> change this to JSON formatted?
>
> <Valve
> className="org.apache.catalina.valves.RemoteIpValve"
> internalProxies="1\.1\.1\.1"
> trustedProxies="1\.1\.1\.1"
> remoteIpHeader="X-Forwarded-For"
> proxiesHeader="x-forwarded-by"
> requestAttributesEnabled="true"/>
>
> <Valve
> className="org.apache.catalina.valves.AccessLogValve"
> directory="logs"
> prefix="localhost_access_log"
> suffix=".txt"
> pattern="%t %h %{X-AUSERNAME}o %{Referer}i %l %S
> %{User-Agent}i %U %s %r %q %A %v %p %b %I %D"
> requestAttributesEnabled="true"
> resolveHosts="false"/>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
Re: JSON Logging of Tomcat Access Log.
Posted by "Rainer Frey (Inxmail GmbH)" <Ra...@inxmail.de>.
> On 27.05.2016, at 19:41, Christopher Schultz <ch...@christopherschultz.net> wrote:
>
> AccessLogValve was written to conform to the age-old httpd log file
> format, subject to whatever "pattern" you want to apply.
>
> You could sprinkle your pattern full of JSON stuff, but then
> JSON-escaping wouldn't actually occur, etc.
>
> If you want JSON logging, you are going to have to write your own valve.
logback has an additional module called logback-access[1], that implements an access log valve for
Tomcat. You could then use a logbook appender that writes JSON, eg. the logstash-logback-encoder[2].
Disclaimer: I’ve never used that combination, and don’t know if there are incombatibilities. In theory,
it should work.
Rainer
[1] http://logback.qos.ch/access.html
[2] https://github.com/logstash/logstash-logback-encoder
Re: JSON Logging of Tomcat Access Log.
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Abhijit,
On 5/25/16 4:03 PM, Abhijit Das wrote:
> I am wanting to change the access logging format to JSON (for
> easier parsing with logstash)
>
> I currently have the following config in my server.xml \u2026 How would
> i change this to JSON formatted?
>
> <Valve className="org.apache.catalina.valves.RemoteIpValve"
> internalProxies="1\.1\.1\.1" trustedProxies="1\.1\.1\.1"
> remoteIpHeader="X-Forwarded-For" proxiesHeader="x-forwarded-by"
> requestAttributesEnabled="true"/>
>
> <Valve className="org.apache.catalina.valves.AccessLogValve"
> directory="logs" prefix="localhost_access_log" suffix=".txt"
> pattern="%t %h %{X-AUSERNAME}o %{Referer}i %l %S %{User-Agent}i %U
> %s %r %q %A %v %p %b %I %D" requestAttributesEnabled="true"
> resolveHosts="false"/>
AccessLogValve was written to conform to the age-old httpd log file
format, subject to whatever "pattern" you want to apply.
You could sprinkle your pattern full of JSON stuff, but then
JSON-escaping wouldn't actually occur, etc.
If you want JSON logging, you are going to have to write your own valve.
If you want to extend + override the existing AccessLogValve to create
a JSONAccessLogValve, consider contributing that code back to the
community.
- -chris
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQIcBAEBCAAGBQJXSIa4AAoJEBzwKT+lPKRYkNUP/jYOb0raLI5etOIq8ulWbMvV
C4OdMfQuftNEB1HnZLcdekDAQpYLHC+iNf5dvsau/JaA9BBvS8kBaD9/va/FgXIk
rvG5AX8AceO2ynYujnjXNXTVCDaue8CX+jgHF55neQxbW8SaTTB1ZmluJnpTZfK9
MhPLNrZ75nShFb5dAkWsTJhv4LHdwZTdlT8IrDPm4cNDmQbzgsmg5bPl5YJuRCk7
7vpYeS6B4zasD9JKxRtpVPgItQbPGOY6xzHmr+9wvz48QQJsIgbnB96CunEvbwce
QdLshOsOePX9Sd137al3DzVp5Xum2VgezriOq33uwoDWYFPCvICSh7KDidMNm07Z
heq8kjfcVY60lD5PFaiC9arYoRDntNdwKuhBkfSNeRhQCg2EQdN2RRYXWR+CpXT0
2MRRLPhZHcTcw23e3l2h2QohbD7nzkQUs3ZQLF5gEnWk0Ldr/wz78C9aYJEkX00h
DM6kNtVUZ3A1INKPVj+KfU+qX8obwmrWeHpV8eWjhQEoZHQhFqUUW+g7XTXt/ecl
rgtjGBT3UdEwC9pVBd1/yIpKOzQj28q9xjVnOsIuKZgDdX++UyZNAURWOU3tZUS+
0+netcVdDQorH4LQVUGL27I+6jzE6zFIkImS6T+oQ11a+qEFhyOTCQNdFKqcWisc
3doWobqkvGtMOttNNS6f
=njcz
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org