The user definable logging format can produce logs in exactly the format you require. The format of the log is defined by a free text string which is embedded with special macro values. The macro values are expanded to the logging data by the server. Macros are prefixed with a "%" sign, followed by a single letter macro code. Parameters are passed to the macro by placing them in curly braces "{}" between the % and the macro code letter. User Definable Logging Format
%...h Fully qualified domain name of the client or the IP address if DNS resolving is disabled or the client does not have a valid DNS address.
e.g. www.zeus.co.uk or 131.111.131.82%...u The userid used in the request if the requested document was password protected. %...t Log date in the form [day/month/year:hh:mm:ss timezone]
e.g. [29/07/1997:18:02:23 +0100]%...l Unsupported identd information. Included for completeness, and compatibility only. Always expands to -. %...T Short time format. YYMMDD-hhmmss.
e.g. 970101-012833%...r First line of client request.
e.g. "method url protocol/version"%...s The three digit status code returned by the server in response to this request.
e.g. 302%...b The number of bytes transferred by the server. %...M HTTP method used.
e.g. "GET"%...U The requested URL.
e.g. "/pages/graphics/bullet.gif"%...v The name of the virtual server which dealt with the request. %...V HTTP protocol version used by the client.
e.g. "HTTP/1.0"%...{Header-line}i Returns a HTTP header line from the input request. The header line required is specified by delimiting it with curly brackets {Header-Line} and placing it between the % symbol and the macro code, thus: %{Header-Line}i. %...{Header-line}o Returns a HTTP header line from the output response. The header line required is specified by delimiting it with curly brackets {Header-Line} and placing it between the % symbol and the macro code, thus: %{Header-Line}o. \n A (Carriage Return) character, allows single log entries to span more than one line.
Making Macros Conditional
Each logging macro can be made conditionally dependent on the status code returned by the server for the request. Such conditionals are specified by including a comma (",") separated list of HTTP status codes between the % sign and macro letter code. For macros with additional parameters the condition codes must be immediately before the opening "{". You can also exclude macros on a status basis. For this you need to prefix the status code given in the macro with an exclamation mark (!). This negates all status codes given in the list.If a condition is not met, the macro expands to a "-".
%h %l %u %t \"%r\" %s %b
This is the standard CLF logging format, lines are output like:
machine.zeus.co.uk - - [08/Apr/1997:16:02:20 +0100] "POST /form.cgi HTTP/1.0" 404 556 %T|%h|%M %U|%{Content-Type}o|%s|%u|%b|%{Cookie}i|%{Referer}i|%{User-Agent}iThis is the extended logging format of Zeus Server version 1. Output lines look like:970901-142349|machine.zeus.co.uk|GET /top.gif|image/gif|200|-|11940||http://www:1234/|Mozilla/5.00 [en] (WinNT; I) Bad Url: %!200,302,304U Referer: %!200,302,304{Referer}iThis will log the URL and referer of any request which did not return some sort of normal status.
Bad Url: /missing.html Referer: http://www.zeus.co.uk/broken.html Bad Url: - Referer: -