Return-Path: 
 <users-return-107134-apmail-httpd-users-archive=httpd.apache.org@httpd.apache.org>
X-Original-To: apmail-httpd-users-archive@www.apache.org
Delivered-To: apmail-httpd-users-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 9DEED10AF4
	for <apmail-httpd-users-archive@www.apache.org>;
 Sat, 27 Jul 2013 08:29:33 +0000 (UTC)
Received: (qmail 77166 invoked by uid 500); 27 Jul 2013 08:29:30 -0000
Delivered-To: apmail-httpd-users-archive@httpd.apache.org
Received: (qmail 76829 invoked by uid 500); 27 Jul 2013 08:29:30 -0000
Mailing-List: contact users-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: users@httpd.apache.org
list-help: <mailto:users-help@httpd.apache.org>
list-unsubscribe: <mailto:users-unsubscribe@httpd.apache.org>
List-Post: <mailto:users@httpd.apache.org>
List-Id: <users.httpd.apache.org>
Delivered-To: mailing list users@httpd.apache.org
Received: (qmail 76821 invoked by uid 99); 27 Jul 2013 08:29:29 -0000
Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136)
    by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 27 Jul 2013 08:29:29 +0000
X-ASF-Spam-Status: No, hits=-0.0 required=5.0
	tests=SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (athena.apache.org: domain of ph1@openstrike.co.uk
 designates 89.16.177.71 as permitted sender)
Received: from [89.16.177.71] (HELO primary1.mail.openstrike.co.uk)
 (89.16.177.71)
    by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 27 Jul 2013 08:29:23 +0000
Received: from palma.openstrike.co.uk (labs [81.187.19.186])
	(Authenticated sender: qdxpete)
	by primary1.mail.openstrike.co.uk (Postfix) with ESMTP id 40AB32CC001
	for <users@httpd.apache.org>; Sat, 27 Jul 2013 09:29:02 +0100 (BST)
Received: from palma.openstrike.co.uk (localhost.localdomain [127.0.0.1])
	by palma.openstrike.co.uk (8.14.5/8.14.5) with ESMTP id r6R8T1uw003478
	for <users@httpd.apache.org>; Sat, 27 Jul 2013 09:29:01 +0100
Received: (from pete@localhost)
	by palma.openstrike.co.uk (8.14.5/8.14.5/Submit) id r6R8T1tU003477
	for users@httpd.apache.org; Sat, 27 Jul 2013 09:29:01 +0100
X-Authentication-Warning: palma.openstrike.co.uk: pete set sender to
 ph1@openstrike.co.uk using -f
Date: Sat, 27 Jul 2013 09:29:01 +0100
From: Pete Houston <ph1@openstrike.co.uk>
To: users@httpd.apache.org
Message-ID: <20130727082901.GA1747@palma.openstrike.co.uk>
References: <1AE6C881-47F1-495B-BE38-0ABADC52C080@redfish-solutions.com>
 <51F0EDA3.3050407@globdesign.com>
 <OF26902E6B.B59A7E76-ON88257BB4.0011E6D7-88257BB4.00138B5F@LocalDomain>
 <20130726074700.GC1793@palma.openstrike.co.uk>
 <OFEE463D97.8FB4D61C-ON88257BB4.006AEEBA-88257BB4.006C00E3@LocalDomain>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="17pEHd4RhPHOinZp"
Content-Disposition: inline
In-Reply-To: 
 <OFEE463D97.8FB4D61C-ON88257BB4.006AEEBA-88257BB4.006C00E3@LocalDomain>
Organization: Openstrike
User-Agent: Mutt/1.5.21 (2010-09-15)
X-Virus-Checked: Checked by ClamAV on apache.org
Subject: Re: [users@httpd] Logging Base64 decoded info in access_log

--17pEHd4RhPHOinZp
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Fri, Jul 26, 2013 at 12:39:37PM -0700, Jignesh Badani wrote:
> Thanks Pete, yes, post processing the log file nightly is the option I was
> considering. I am doing it currently on a per request basis. But I was
> hoping to avoid it if I could do it in real time by calling on B64 decode
> on the cookie.

I do not see the advantage in doing it in real time over
post-processing. The docs are pretty clear on this too.

http://httpd.apache.org/docs/2.4/logs.html#piped says

	As with conditional logging, piped logs are a very powerful tool,
	but they should not be used where a simpler solution like off-line
	post-processing is available.

which is good advice.

> Piped logs is an option I did not consider even though I am currently usi=
ng
> it for logs rotation. Can you suggest how I can achieve what you are
> proposing w/o loosing out on the log rotation functionality.
>=20
> I have the following in my httpd config:
>=20
> -------
> CustomLog "|/opt/apache/bin/rotatelogs /opt/apache/logs/access_log 86400"
> combined env=3D!dontlog
>=20
> #where dontlog are a couple of load balancers IP address I want to keep o=
ut
> of the access logs.
>=20
> -----------

If you go against the advice in the documentation and decide to do it
with piped logs just use something like=20

	CustomLog "|/path/to/filterprog | /opt/apache/bin/rotatelogs /opt/apache/l=
ogs/access_log 86400" combined env=3D!dontlog

And remember the docs also say:

	Piped log processes are spawned by the parent Apache httpd process,
	and inherit the userid of that process. This means that piped log
	programs usually run as root. It is therefore very important to keep
	the programs simple and secure.

Good luck,

Pete
--=20
Openstrike - improving business through open source
http://www.openstrike.co.uk/ or call 01722 770036 / 07092 020107

--17pEHd4RhPHOinZp
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEARECAAYFAlHzhM0ACgkQdzfnYmsKt52fWgCg0bCqvtxN2PwV8MoQglwpzhDw
Xw8AoJDo7J6JGgkkg6IFnY0FKWpZUR8s
=Yyq6
-----END PGP SIGNATURE-----

--17pEHd4RhPHOinZp--