tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Filip Hanik - Dev Lists <>
Subject Re: Access logging for requests rejected by CoyoteAdaptor
Date Thu, 29 Apr 2010 14:05:37 GMT

We shouldn't dilute the access logs which is supposed to log valid HTTP 
requests with blah.
Many companies run funky port scanners as part of their audit, these 
would all end up in the access log if you used two.
The access log and its usage is pretty clear, and its not to log 
incomplete HTTP requests


On 04/28/2010 06:14 PM, Mark Thomas wrote:
> This was prompted by [1]. For a number of mal-formed requests, the 
> CoyoteAdaptor will reject them before they reach the access log valve. 
> There is currently no means of logging these rejected requests in Tomcat.
> There are obvious use cases for logging these requests in one form or 
> another. As i see it the options are:
> 1. Add standard Tomcat logging for these requests to CoyoteAdaptor
> Pros: Quick & simple to implement
> Cons: Separate from access log
> 2. Provide hooks in access log valves to allow CoyoteAdaptor to log 
> these rejections via the access log valve
> Pros: All access logs in one place
>       Could be used by other components
> Cons: More complex solution. CoyoteAdaptor would have to navigate 
> container hierarchy to find access log. Probably need a new AccessLog 
> interface to enable CoyoteAdaptor to work with multiple implementations.
> 3. Something else?
> I'm leaning towards 2. Thoughts?
> Mark
> [1]
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> For additional commands, e-mail:

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message