日志路径

由于不同发行版的名称不同，Apache日志存储在不同的路径中。 DEB 或者apt family用这个名字 apache2 并将日志存储为 apache2 但是这个 RPM 百胜家族使用这个名字 httpd 并将日志存储在 httpd 目录。

/var/log/httpd/

森托斯
红帽
软呢帽

/变量/日志/apache2/

乌班图
德比安
卡利

正在获取日志文件目录

可以使用Apache配置更改日志文件目录。在配置文件中查找精确的日志路径

Ubuntu、Debian、Kali

$ grep -r ErrorLog /etc/apache2

CentOS，软呢帽，红帽子

$ grep -r ErrorLog /etc/httpd

错误记录

错误日志通常与服务和http请求错误相关。对于不同的分布，存在不同的路径，但通常使用相似的路径。

我们可以读取如下错误日志。我们使用 较少的 阅读。

$ less /var/log/httpd/error_log[Wed Nov 02 10:39:21.845702 2016] [suexec:notice] [pid 11753] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 192.168.122.179. Set the 'ServerName' directive globally to suppress this message [Wed Nov 02 10:39:21.863409 2016] [auth_digest:notice] [pid 11753] AH01757: generating secret for digest authentication ... [Wed Nov 02 10:39:21.863914 2016] [lbmethod_heartbeat:notice] [pid 11753] AH02282: No slotmem from mod_heartmonitor [Wed Nov 02 10:39:21.965402 2016] [mpm_prefork:notice] [pid 11753] AH00163: Apache/2.4.6 (CentOS) PHP/5.4.16 configured -- resuming normal operations [Wed Nov 02 10:39:21.965427 2016] [core:notice] [pid 11753] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'

我们也可以用grep搜索错误文件

$ grep suexec /var/log/httpd/error_log      [Wed Nov 02 10:39:21.845702 2016] [suexec:notice] [pid 11753] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) [Wed Nov 02 12:02:22.495005 2016] [suexec:notice] [pid 11947] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) [Wed Nov 02 12:04:32.052658 2016] [suexec:notice] [pid 11965] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)

访问日志

访问日志通常提供与http请求相关的信息，对于繁忙的站点，会生成大量的信息。访问日志将提供有关请求或访问apacheweb服务器的尝试的以下信息。

客户端IP地址
日期和时间
请求URI
HTTP状态代码
客户端浏览器

$ less /var/log/httpd/access_log192.168.122.1 - - [02/Nov/2016:10:39:51 +0000] "GET /owncloud HTTP/1.1" 301 229 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.71 Safari/537.36" 192.168.122.1 - - [02/Nov/2016:10:39:51 +0000] "GET /owncloud/ HTTP/1.1" 200 10986 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.71 Safari/537.36" 192.168.122.1 - - [02/Nov/2016:10:39:51 +0000] "GET /owncloud/core/css/styles.css?v=ba222ded25d957b900c03bef914333cd HTTP/1.1" 200 21989 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.71 Safari/537.36" 192.168.122.1 - - [02/Nov/2016:10:39:51 +0000] "GET /owncloud/core/css/inputs.css?v=ba222ded25d957b900c03bef914333cd HTTP/1.1" 200 8973 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.71 Safari/537.36" 192.168.122.1 - - [02/Nov/2016:10:39:51 +0000] "GET /owncloud/core/css/header.css?v=ba222ded25d957b900c03bef914333cd HTTP/1.1" 200 7338 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.71 Safari/537.36" 192.168.122.1 - - [02/Nov/2016:10:39:51 +0000] "GET /owncloud/core/css/icons.css?v=ba222ded25d957b900c03bef914333cd HTTP/1.1" 200 8018 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.71 Safari/537.36" 192.168.122.1 - - [02/Nov/2016:10:39:51 +0000] "GET /owncloud/core/css/fonts.css?v=ba222ded25d957b900c03bef914333cd HTTP/1.1" 200 728 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.71 Safari/537.36"

搜索特定的HTTP状态错误

我们可以用grep像错误日志一样搜索 access_log 文件。

$ grep 404 /var/log/httpd/access_log   192.168.122.1 - - [02/Nov/2016:10:40:44 +0000] "GET /owncloud/index.php/core/preview.png?file=%2FownCloud+Manual.pdf&c=d299b7320e9d9fda4420ba86181ea2a5&x=32&y=32&forceIcon=0 HTTP/1.1" 404 - "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.71 Safari/537.36" 192.168.122.1 - - [02/Nov/2016:10:41:13 +0000] "GET /owncloud/index.php/core/preview.png?file=%2FownCloud+Manual.pdf&c=d299b7320e9d9fda4420ba86181ea2a5&x=32&y=32&forceIcon=0 HTTP/1.1" 404 - "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.71 Safari/537.36"

相关文章：如何用Netsh命令行管理Windows防火墙？