My relatively small lab system was generating ~10GB of httpd logging on a daily
basis. Even with logrotate and compression, the activity level was just
ludicrous. I don't remember this from earlier versions. I don't see any
obvious errors in the log that explain this over-zealous behavior. I didn't
want to suppress the logs completely, and the LogLevel is already on warn. I
decided in the end to remote log to my central syslog server which stores the
logs on an NFS mount from a FreeNAS (ZFS with compression) NAS. The
compression will keep the actual disk space down, and since I am not all that
worried about losing some logs, I went with sync=off and udp on the transit.
Here are the changes I made to /etc/httpd/conf.d/ssl.conf in case someone else
finds them useful.
48,49c48,51
< ErrorLog logs/ssl_error_log
< TransferLog logs/ssl_access_log
---
> #ErrorLog logs/ssl_error_log
> ErrorLog "|/usr/bin/logger -t ssl-error -p local1.warn"
> #TransferLog logs/ssl_access_log
> TransferLog "|/usr/bin/logger -t ssl-access -p local1.warn"
203,206c205,212
< CustomLog logs/ssl_request_log \
< "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
<
< CustomLog logs/ovirt-requests-log "%t %h \"Correlation-Id:
%{Correlation-Id}o\" \"Duration: %Dus\" \"%r\" %b" "expr=%{QUERY_STRING} !~
/username.*password|password.*username/"
---
> #CustomLog logs/ssl_request_log \
> # "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
> LogFormat "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" ssl-request-format
> CustomLog "|/usr/bin/logger -t ssl-requests -p local1.warn"
> ssl-request-format
>
> LogFormat "%t %h \"Correlation-Id: %{Correlation-Id}o\" \"Duration: %Dus\"
> \"%r\" %b" ovirt-requests-format
> CustomLog "|/usr/bin/logger -t ovirt-requests -p local1.warn"
> ovirt-requests-format "expr=%{QUERY_STRING} !~
> /username.*password|password.*username/"
> #CustomLog logs/ovirt-requests-log "%t %h \"Correlation-Id:
> %{Correlation-Id}o\" \"Duration: %Dus\" \"%r\" %b" "expr=%{QUERY_STRING} !~
> /username.*password|password.*username/"
then blocked local logging to messages with local1.none in rsyslog.conf.
_______________________________________________
Users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Privacy Statement: https://www.ovirt.org/privacy-policy.html
oVirt Code of Conduct:
https://www.ovirt.org/community/about/community-guidelines/
List Archives:
https://lists.ovirt.org/archives/list/[email protected]/message/7SG4ZBBXOJQILQK23PJILGY4OZAGCDVK/
