45. Apache Tomcat

Table of Contents

Apache Tomcat provides flexible logging that can be configured for different transports and formats.

Example 236. Collecting Apache Tomcat logs

Here is an Apache log sample consisting of three events. The log message of the second event spans multiple lines.

Apache Tomcat log sample

2001-01-25 17:31:42,136 INFO [org.nxlog.somepackage.Class] - single line
2001-01-25 17:41:16,268 ERROR [org.nxlog.somepackage.Class] - Error retrieving names: ; nested exception is:
        java.net.ConnectException: Connection refused
AxisFault
 faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException
 faultSubcode:
 faultString: java.net.ConnectException: Connection refused
 faultActor:
 faultNode:
 faultDetail:
        {http://xml.apache.org/axis/}stackTrace:java.net.ConnectException: Connection refused
2001-01-25 17:57:38,469 INFO [org.nxlog.somepackage.Class] - third log message

In order to parse and process multiple line log messages, the xm_multiline module is used. In this example, a regular expression match determines the beginning of a log message.

nxlog.conf

1
2
3
4
5
6
7
8
9
10
11
12
13
14

  define REGEX /(?x)^(?<EventTime>\d{4}\-\d{2}\-\d{2}\ \d{2}\:\d{2}\:\d{2}),\d{3}\ \
             (?<Severity>\S+)\ \[(?<Class>\S+)\]\ \-\ (?<Message>[\s\S]+)/

<Extension multiline>
    Module      xm_multiline
    HeaderLine  %REGEX%
</Extension>

<Input log4j>
    Module      im_file
    File        "/var/log/tomcat6/catalina.out"
    InputType   multiline
    Exec        if $raw_event =~ %REGEX%  $EventTime = parsedate($EventTime);
</Input>

Disclaimer

While we endeavor to keep the information in this topic up to date and correct, NXLog makes no representations or warranties of any kind, express or implied about the completeness, accuracy, reliability, suitability, or availability of the content represented here.

Last revision: 29 October 2018

You are here

45. Apache Tomcat | Log Collection Solutions

NXLog User Guide

45. Apache Tomcat