Configure Apache Access_Log Format

The Apache access log is one of the most important files that you can use to create reports on your visitor’s behavior to your website.  I often use Awstats (See: ) and other reports on my Apache access_log files.  Because of this, the format of your file is important.  You can modify the format to make it easier for you to run your reports.


Access_Log Field Definitions as Defined in the Apache httpd.conf File

If is as simple as modifying the parameters listed below to eliminate, add, or rearrange the elements defining the access_log format.  Below is the default formatting definition.

LogFormat “%h %l %u %t \”%r\” %>s %b \”%{Referer}i\” \”%{User-Agent}i\”” combined

The default definition above will create entries similar to the one below:

Example log entry: – – [01/Nov/2013:08:52:03 -0600] “GET /networking/create-sonicwall-sslvpn/ HTTP/1.1” 200 58653 “,d.cGE” “Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:24.0) Gecko/20100101 Firefox/24.0”

Modifying the Access_Log Format

The access_log file File elements are listed below.  By adding, moving, or eliminating elements, you can completely remake your log file
Access_log File Field Definitions:

%h  – IP Address of the client which made the request to the server.
%l – identd from the clients machine.  Highly unreliable and should rarely be used unless tightly controlled.
%u – userid of the person requesting the document as determined by HTTP authentication.
%t – Timestamp
%r – The request line from the client given in double quotes.  listed as \”%r\” to escape the quotes.
%s – Status code that the server sends to the client
%b – The size of the object returned to the client, not including the response headers.
%Referrer – The site that referred the client to the requested resource.
%User-Agent – The User-Agent HTTP Request header.  This is  the information that the client browser reports about itself.
Configure Apache Access_Log Format

Configure Apache Access_Log Format

The following two tabs change content below.
Jeff has 20 years of professional IT experience, having done nearly everything in his roles of IT consultant, Systems Integrator, Systems Engineer, CNOC Engineer, Systems Administrator, Network Systems Administrator, and IT Director. If there is one thing he knows for sure, it is that there is always a simple answer to every IT problem and that downtime begins with complexity. Seasoned IT professional by day, Jeff hopes to help other IT professionals by blogging about his experiences at night on his blog: You can find Jeff on or LinkedIn at: LinkedIn or Twitter at: Twitter

Latest posts by Jeff Staten (see all)

Leave a Reply

Your email address will not be published. Required fields are marked *