Apache is a widely used web server that logs essential data about client requests, server responses, and various system events. The LogLevel and LogFormat directives determine how logs capture details such as status codes, request headers, and potential errors. Adjusting these settings provides deeper insight into application behavior and aids in troubleshooting complex issues.
Enabling more verbose logging helps diagnose connection problems, performance bottlenecks, and security concerns. Detailed logs reveal hidden anomalies that might remain undetected at default verbosity levels. This practice also supports auditing and compliance needs where in-depth records are required.
However, comprehensive logging should be implemented prudently to avoid disk space overuse and server slowdown. High volumes of logged data can degrade performance, especially in production environments. Appropriate log rotation, strategic log formats, and a measured LogLevel choice ensure sufficient diagnostic information without compromising stability.
Steps to configure verbose Apache logging:
- Open the terminal on your server.
- Search for LogLevel directive in Apache's configuration files.
$ sudo grep -nr ^LogLevel /etc/{httpd,apache2}/ grep: /etc/httpd/: No such file or directory /etc/apache2/apache2.conf:143:LogLevel warnRelated: Location for Apache configuration
- Open the Apache configuration file using your preferred text editor.
$ sudo /etc/apache2/apache2.conf
- Change the LogLevel value to a more verbose option.
LogLevel debug
Options range from emerg, alert, crit, error, warn, notice, info, to debug. The debug level logs the most information.
- Save the file and exit the text editor.
- Search for LogFormat directive in Apache's configuration files.
$ sudo grep -nr ^LogFormat /etc/{httpd,apache2}/ grep: /etc/httpd/: No such file or directory /etc/apache2/apache2.conf:212:LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined /etc/apache2/apache2.conf:213:LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined /etc/apache2/apache2.conf:214:LogFormat "%h %l %u %t \"%r\" %>s %O" common /etc/apache2/apache2.conf:215:LogFormat "%{Referer}i -> %U" referer /etc/apache2/apache2.conf:216:LogFormat "%{User-agent}i" agent </WRAP> LogFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-agent}i"" combined CustomLog ${APACHE_LOG_DIR}/access.log combined - Open the Apache configuration file using your preferred text editor.
$ sudo /etc/apache2/apache2.conf
- Customize the LogFormat directives as required.
Related: LogFormat string reference
The word at the end of the LogFormat directives (common, combined, vhost_combined, etc.) are nicknames for the format strings. These nicknames can be used in the CustomLog directive for your VirtualHost to specify which format to use when logging.
Standard Combined Format:
LogFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i"" combinedExplanation: This is the default combined log format. It logs the client’s IP address (%h), user identifier (%l), username (%u), request time (%t), the request line from the client (%r), status code (%>s), response size in bytes (%b), the referring URL (%{Referer}i), and the user-agent string (%{User-Agent}i). This format provides a comprehensive view of each request.
Minimalist Log Format:
LogFormat "%h %l %u %t "%r" %>s %b" minimal
Explanation: This custom format logs only the essential details: the client’s IP, user identifier, username, request time, request line, status code, and response size. It's useful when you want a simplified log output with only key information.
Verbose Format with Headers:
LogFormat "%v %h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i" "%{Host}i" "%{Accept}i" "%{Accept-Language}i"" verboseExplanation: This custom format extends the standard combined format by including additional request headers like Host, Accept, and Accept-Language. It's useful for debugging issues related to content negotiation or server name routing.
Log Format with Query String:
LogFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i" "%q"" query_includedExplanation: This format includes the query string of the request (%q). It’s particularly helpful for troubleshooting issues where the query string might be affecting the server’s response.
Referer-Based Logging:
LogFormat "%{Referer}i -> %U" refererExplanation: This format logs the referring URL and the requested resource (%U). It's useful for analyzing which external sites are linking to your resources.
User-Agent and Time:
LogFormat "%t "%{User-Agent}i"" user_agent_timeExplanation: This format focuses on logging the request time and the user-agent string. It’s useful when you need to analyze traffic patterns based on user-agent or when diagnosing issues with specific browsers or devices.
- Save the file and exit the text editor.
- Restart Apache to apply the changes.
$ sudo systemctl restart apache2 # Ubuntu, Debian $ sudo systemctl restart httpd # CentOS, Red Hat
- Monitor the Apache logs to view the verbose output.
$ tail -f /var/log/apache2/error.log # Ubuntu, Debian $ tail -f /var/log/httpd/error_log # CentOS, Red Hat
Mohd Shakir Zakaria is a cloud architect with deep roots in software development and open-source advocacy. Certified in AWS, Red Hat, VMware, ITIL, and Linux, he specializes in designing and managing robust cloud and on-premises infrastructures.
Comment anonymously. Login not required.