Hello,
I need to better understand what kind of information are being logged by the CustomLog proccess on the SPS server.
This is how my CustomLog is configured in the httpd-ssl.conf:
LogFormat "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %>s %b %D %k" sslLog
CustomLog "|bin/rotatelogs.exe D:/Logs/apache/cipher.%Y-%m-%d.log 86400" sslLog
We've made a few customisations longtime ago (e.g. log folder, frequency, size, date format, etc.), but now I can't remember how and where we've configured it.
On this exemple, I know my request was processed without errors :
[13/Nov/2018:14:25:26 -0500] 172.30.160.5 TLSv1 RC4-MD5 "HEAD /favicon.ico HTTP/1.1" 200 - 0 0
But in this case, I understand that I get an http error 500 from the webserver, but I'd like to understand what each number that follows (1227, 78124, 0) means :
[13/Nov/2018:14:25:26 -0500] 172.30.128.12 TLSv1 RC4-MD5 "GET /AnotherExemple/AnotherExemple/AnotherExemple HTTP/1.1" 500 1227 78124 0
Could anyone give me a clue on how to identify the columns that are being logged in this case ("%r %>s %b %D %k")?
This is it's output (exemple) :
[13/Nov/2018:14:25:26 -0500] 172.30.160.5 TLSv1 RC4-MD5 "HEAD /favicon.ico HTTP/1.1" 200 - 0 0
[13/Nov/2018:14:25:26 -0500] 172.30.128.12 TLSv1 RC4-MD5 "GET /Exemple/Exemple/Exemple HTTP/1.1" 302 - 15615 0
[13/Nov/2018:14:25:26 -0500] 172.30.128.12 TLSv1 RC4-MD5 "GET /AnotherExemple/AnotherExemple/AnotherExemple HTTP/1.1" 500 1227 78124 0
[13/Nov/2018:14:25:34 -0500] 172.30.160.4 TLSv1 RC4-MD5 "HEAD /favicon.ico HTTP/1.1" 200 - 15637 0
Best regards,