Appendix B. Reference information for logging

Table B-1. Escape sequences for custom logs


How to get "%" in the log line. Why would you want to?


Client IP address


Server IP address. Recall that you may be running different virtual hosts on different IP addresses.


Number of data bytes sent back. (i.e. excluding headers)


As for %B except that if the number is 0 then "-" is inserted instead.


The value of cookie fubar.


The number of microseconds it took to serve the query. See %T below for a less accurate representation.


The value of environment variable fubar when the query was processed.


The name of the file whose contents were ultimately served back to the client.


The request protocol. (Typically HTTP or HTTPS.)


Value of the fubar header on the input query. See also %o below.


The remote userid, if provided by RFCnnnn.


The request method. Typically "GET" for our queries, but occasionally "HEAD" if the browser is smart. It may be "POST" for some CGI programs uploading data.


A record of a "note" passed from one module to another. Not of interest at our level.


The value of header fubar in the outgoing response headers. See also %i above.


The port number of the server. Typically 80.


The process ID of the child that serviced the query. Typically only of use for debugging and trouble-shooting.


The query string component of the URL.


The first line of the query.


The status code passed back to the client.


The time of the request in standard format.


The time of the query in the format specified. See the manual page for strftime for details of the format.


The time taken to service the query in seconds. See %D above for more accuracy.


The userid used to authenticate to this page, if necessary.


The URL requested without the server name and protocol elements and without any trailing query string.


The server name for the virtual host that was given the query.

HTTP (RFC 2616) is a very subtle protocol with much more happening than you might expect from the simple stuff we have been covering. The following table lists all the status codes it has and which might find themselves in your log files. In practise you will only see a tiny subset of them.

Table B-2. HTTP status codes

101Switching protocols
203Nonauthoritative information
204No content
205Reset content
206Partial content
300Multiple choices
301Moved permanently
303See other
304Not modified
305Use proxy
307Temporary redirect
400Bad request
402Payment required
404Not found
405Method not allowed
406Not acceptable
407Proxy authentication required
408Request time-out
411Length required
412Precondition failed
413Request entity too large
414Request URI too large
415Unsupported media type
416Requested range not satisfiable
417Expectation failed
500Internal server error
501Not implemented
502Bad gateway
503Service unavailable
504Gateway timed out
505HTTP version unsupported