1.
We shouldn't dilute the access logs which is supposed to log valid HTTP
requests with blah.
Many companies run funky port scanners as part of their audit, these
would all end up in the access log if you used two.
The access log and its usage is pretty clear, and its not to log
incomplete HTTP requests
Filip
On 04/28/2010 06:14 PM, Mark Thomas wrote:
This was prompted by [1]. For a number of mal-formed requests, the
CoyoteAdaptor will reject them before they reach the access log valve.
There is currently no means of logging these rejected requests in Tomcat.
There are obvious use cases for logging these requests in one form or
another. As i see it the options are:
1. Add standard Tomcat logging for these requests to CoyoteAdaptor
Pros: Quick & simple to implement
Cons: Separate from access log
2. Provide hooks in access log valves to allow CoyoteAdaptor to log
these rejections via the access log valve
Pros: All access logs in one place
Could be used by other components
Cons: More complex solution. CoyoteAdaptor would have to navigate
container hierarchy to find access log. Probably need a new AccessLog
interface to enable CoyoteAdaptor to work with multiple implementations.
3. Something else?
I'm leaning towards 2. Thoughts?
Mark
[1] https://issues.apache.org/bugzilla/show_bug.cgi?id=49099
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
