45. Apache Tomcat

Table of Contents

Apache Tomcat provides flexible logging that can be configured for different transports and formats.

Example 233. Collecting Apache Tomcat logs

Here is an Apache log sample consisting of three events. The log message of the second event spans multiple lines.

Apache Tomcat log sample

2001-01-25 17:31:42,136 INFO [org.nxlog.somepackage.Class] - single line
2001-01-25 17:41:16,268 ERROR [org.nxlog.somepackage.Class] - Error retrieving names: ; nested exception is:
        java.net.ConnectException: Connection refused
AxisFault
 faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException
 faultSubcode:
 faultString: java.net.ConnectException: Connection refused
 faultActor:
 faultNode:
 faultDetail:
        {http://xml.apache.org/axis/}stackTrace:java.net.ConnectException: Connection refused
2001-01-25 17:57:38,469 INFO [org.nxlog.somepackage.Class] - third log message

In order to parse and process multiple line log messages, the xm_multiline module is used. In this example, a regular expression match determines the beginning of a log message.

nxlog.conf


  1
2
3
4
5
6
7
8
9
10
11
12
13
14

  define REGEX /(?x)^(?<EventTime>\d{4}\-\d{2}\-\d{2}\ \d{2}\:\d{2}\:\d{2}),\d{3}\ \
             (?<Severity>\S+)\ \[(?<Class>\S+)\]\ \-\ (?<Message>[\s\S]+)/

<Extension multiline>
    Module      xm_multiline
    HeaderLine  %REGEX%
</Extension>

<Input log4j>
    Module      im_file
    File        "/var/log/tomcat6/catalina.out"
    InputType   multiline
    Exec        if $raw_event =~ %REGEX%  $EventTime = parsedate($EventTime);
</Input>

You are here

45. Apache Tomcat | Log Collection Solutions

45. Apache Tomcat