I have a SSL-enabled Apache server which utilizes rotate log to archive the log files. The problem is that when the logs are "rotated", some information get lost...
For example, all authenticated user names are missing.
ssl_access_log will log:
- 111.222.333.44 - testuser [24/Aug/2009:11:58:58 -0700] "GET /favicon.ico HTTP/1.1" 404 292 "http://website.com" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.1) Gecko/20050729 Firefox/3.5.2 (.NET CLR 3.5.30729)"
but the rotated log will only archive:
- 111.222.333.44 - - [24/Aug/2009:11:58:58 -0700] "GET /favicon.ico HTTP/1.1" 302 303 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.1) Gecko/20050729 Firefox/3.5.2 (.NET CLR 3.5.30729)"
Here is a set up of my httpd.conf file:
For the rotate..
- CustomLog "| /usr/sbin/rotatelogs /etc/httpd/logs/ssl_access 604800" combined
For my virtual host to the https port directive..
- LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\""
- TransferLog logs/ssl_access_log
Why isn't the authenticated user logged in the rotated logs?