You are browsing a read-only backup copy of Wikitech. The live site can be found at

Apache log format

From Wikitech
Jump to navigation Jump to search

The WMF Apache access log format is derived from the cache log format. It has tab-separated fields.

Field# Description Details
1 time stamp The time at which the request started, in ISO 8601 format, according to the server's clock.
2 Request service time Integer number of microseconds
3 Client IP You might want to override this with the original client IP (field 17 below).
4 Request handler, HTTP status code The Apache request handler, then a slash, then the HTTP status code, e.g. cgi-script/200
5 Response size Size of response in bytes, excluding HTTP headers.
6 Request method GET, POST, etc
7 URL The URL, concatenated from the host header, the path and the query string. The protocol is always http, even if mod_ssl was used. In theory we could use SetEnvIf with "SSLOptions StdEnvVars", but the latter has a high performance overhead, according to the documentation.
8 Empty For compatibility with the cache log format, this field is always just a hyphen.
9 MIME content type The Content-Type response header
10 Referer header
11 X-Forwarded-For header This field should only be respected if the client IP (see above) is a known good IP (i.e.: in $wgSquidServersNoPurge of wmf-config/squid.php of operations/mediawiki-config).
12 User-Agent header
13 Accept_Language
14 X-Analytics General purpose header for instrumentation, which received its own page at X-Analytics.
15 User The username as determined by HTTP authentication
16 User: Response header The username as determined by the server and added as the HTTP User: header. Since 2019-03-20
17 Original client IP The original client IP as determined by mod_remoteip, which can walk X-Forwarded-For headers. This module currently needs to be configured on a per-site basis to give good results. If the module is not present, this will be a copy of field 3.
18 Request ID Internally we generate a request ID header, X-Request-Id, that should allow to trace a request across logs of various services. Since 2020-02-03