Bug 1209162
Summary: | RFE: CustomLog should be able to use journald | |||
---|---|---|---|---|
Product: | Red Hat Enterprise Linux 8 | Reporter: | Pat Riehecky <riehecky> | |
Component: | httpd | Assignee: | Luboš Uhliarik <luhliari> | |
Status: | CLOSED ERRATA | QA Contact: | Branislav Náter <bnater> | |
Severity: | medium | Docs Contact: | Lenka Špačková <lkuprova> | |
Priority: | medium | |||
Version: | 8.3 | CC: | bnater, csieh, gerald.prock, jlyle, jorton, kwalker, lmanasko, luhliari, misterbonnie, pasik, riehecky, rsawhill | |
Target Milestone: | rc | Keywords: | FutureFeature | |
Target Release: | 8.3 | |||
Hardware: | All | |||
OS: | Linux | |||
Whiteboard: | ||||
Fixed In Version: | Doc Type: | Enhancement | ||
Doc Text: |
.Support for logging to `journald` from the `CustomLog` directive in `httpd`
It is now possible to output access (transfer) logs to `journald` from the Apache HTTP Server by using a new option for the `CustomLog` directive.
The supported syntax is as follows:
----
CustomLog journald:priority format|nickname
----
where _priority_ is any priority string up to `debug` as used in the link:http://httpd.apache.org/docs/2.4/mod/core.html#loglevel[`LogLevel` directive].
For example, to log to `journald` using the the `combined` log format, use:
----
CustomLog journald:info combined
----
Note that when using this option, the server performance might be lower than when logging directly to flat files.
|
Story Points: | --- | |
Clone Of: | ||||
: | 2024310 (view as bug list) | Environment: | ||
Last Closed: | 2020-11-04 03:35:12 UTC | Type: | Bug | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | ||||
Bug Blocks: | 1298243, 1473733, 1562205, 1630916, 1654421 |
Description
Pat Riehecky
2015-04-06 14:22:29 UTC
Pat, please file a ticket with support for this kind of RFE. It looks like quite a bit of work is required to get this integrated (including upstream) and so we need a business justification for that. It looked like the upstream bug has a patch for the relevant behavior. I'll reach out for getting an appropriate support case file. Upstream docs (http://httpd.apache.org/docs/trunk/mod/mod_log_config.html#customlog) suggest this has already been added to trunk somehow despite status of that upstream bug. ~~~ Syntax: CustomLog file|pipe|provider format|nickname [env=[!]environment-variable| expr=expression] ... *provider* Modules implementing ErrorLog providers can also be used as a target for CustomLog messages. To use ErrorLog provider as a target, "provider:argument" syntax must be used. You can for example use mod_journald or mod_syslog as a provider: # CustomLog logging to journald CustomLog "journald" "%h %l %u %t \"%r\" %>s %b" # CustomLog logging to syslog with "user" facility CustomLog "syslog:user" "%h %l %u %t \"%r\" %>s %b" ~~~ I didn't look into the code behind it (or even checkout trunk and test), but man if it's something that gets stable and backported to upstream's 2.4, wow we *have* to backport it to RHEL's httpd24. It would make life so much easier for so many people. Yes, Jan wrote mod_journald and pushed it upstream, which provides both access logging and error logging via journald. See also bug 1168956. The big problem with this is that there is a severe performance impact to logging via journald at the moment due to a kernel restriction. We don't want to add this to RHEL httpd unless the journald/kernel side is also resolved. For us it would be really great if the second module "mod_syslog" would be provided in RHEL7 to log directly to rsyslog without the way over /usr/bin/logger and journald. On high load server (>1000 req/s) the way over the default logger crash the logging (httpd -> logger -> journald -> rsyslog). With the module the direct way from httpd to rsyslog would be really nice. At the moment we have to use a script instead of the logger to log directly to rsyslog. Thanks to Ryan to help us to improve the performance of that way. This feature would be super useful on my end. Could the enhanced logging be provided as a Tech Preview feature with known performance problems? I've no real preference between syslog and journald, but I would very much like to see this in my production environment. Just swinging back around on this one. Sorry. The patches are in trunk, I'll revive the effort to get them backported to 2.4.x and we can look at pulling them into RHEL7 httpd. Awesome! Any chance they'll make it into RHEL8 too? Just swinging back around... It does not appear to be feasible to backport syslog support for CustomLog. However, I have found a way to backport journald support, though without the structured logging support used in upstream 2.5's mod_journald. I am therefore adjusting the RFE to cover just journald. mod_journald will be supported once there is a stable (e.g. 2.6) release which we can package as a new module stream. The syntax supported is: CustomLog journald:priority format|nickname where "priority" is a priority string as in LogLevel http://httpd.apache.org/docs/2.4/mod/core.html#loglevel Only priorities up to debug are permitted (the syslog/journald interfaces do not support trace* levels) (In reply to Joe Orton from comment #28) > The syntax supported is: > > CustomLog journald:priority format|nickname > > where "priority" is a priority string as in LogLevel > http://httpd.apache.org/docs/2.4/mod/core.html#loglevel > Only priorities up to debug are permitted (the syslog/journald interfaces do > not support trace* levels) Were there any documentation backported? No; in fact overriding the priority level is not possible with the extensions to mod_log_config and mod_journald from trunk/2.5, which will always default to the INFO level for transfer logs (and maps error log levels to the appropriate level from httpd internal log level). Not sure where best to document this, release notes is maybe sufficient? Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: httpd:2.4 security, bug fix, and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2020:4751 |