The Access Log Valve creates log files in the same format as those created by standard web servers. These logs can later be analyzed by standard log analysis tools to track page hit counts, user session activity, and so on. This Valve uses self-contained logic to write its log files, which can be automatically rolled over at midnight each day. (The essential requirement for access logging is to handle a large continuous stream of data with low overhead. This Valve does not use Apache Commons Logging, thus avoiding additional overhead and potentially complex configuration).

This Valve may be associated with any Catalina container (Context, Host, or Engine), and will record ALL requests processed by that container.

Some requests may be handled by Tomcat before they are passed to a container. These include redirects from /foo to /foo/ and the rejection of invalid requests. Where Tomcat can identify the Context that would have handled the request, the request/response will be logged in the AccessLog(s) associated Context, Host and Engine. Where Tomcat cannot identify the Context that would have handled the request, e.g. in cases where the URL is invalid, Tomcat will look first in the Engine, then the default Host for the Engine and finally the ROOT (or default) Context for the default Host for an AccessLog implementation. Tomcat will use the first AccessLog implementation found to log those requests that are rejected before they are passed to a container.

The output file will be placed in the directory given by the directory attribute. The name of the file is composed by concatenation of the configured prefix, timestamp and suffix. The format of the timestamp in the file name can be set using the fileDateFormat attribute. This timestamp will be omitted if the file rotation is switched off by setting rotatable to false.

Warning: If multiple AccessLogValve instances are used, they should be configured to use different output files.

If sendfile is used, the response bytes will be written asynchronously in a separate thread and the access log valve will not know how many bytes were actually written. In this case, the number of bytes that was passed to the sendfile thread for writing will be recorded in the access log valve.

The Access Log Valve supports the following configuration attributes:

Values for the pattern attribute are made up of literal text strings, combined with pattern identifiers prefixed by the "%" character to cause replacement by the corresponding variable value from the current request and response. The following pattern codes are supported:

• %a - Remote IP address
• %A - Local IP address
• %b - Bytes sent, excluding HTTP headers, or '-' if zero
• %B - Bytes sent, excluding HTTP headers
• %h - Remote host name (or IP address if enableLookups for the connector is false)
• %H - Request protocol
• %l - Remote logical username from identd (always returns '-')
• %m - Request method (GET, POST, etc.)
• %p - Local port on which this request was received. See also %{xxx}p below.
• %q - Query string (prepended with a '?' if it exists)
• %r - First line of the request (method and request URI)
• %s - HTTP status code of the response
• %S - User session ID
• %t - Date and time, in Common Log Format
• %u - Remote user that was authenticated (if any), else '-'
• %U - Requested URL path
• %v - Local server name
• %D - Time taken to process the request, in millis
• %T - Time taken to process the request, in seconds
• %F - Time taken to commit the response, in millis
• %I - Current request thread name (can compare later with stacktraces)

There is also support to write information incoming or outgoing headers, cookies, session or request attributes and special timestamp formats. It is modeled after the Apache HTTP Server log configuration syntax. Each of them can be used multiple times with different xxx keys:

• %{xxx}i write value of incoming header with name xxx
• %{xxx}o write value of outgoing header with name xxx
• %{xxx}c write value of cookie with name xxx
• %{xxx}r write value of ServletRequest attribute with name xxx
• %{xxx}s write value of HttpSession attribute with name xxx
• %{xxx}p write local (server) port (xxx==local) or remote (client) port (xxx=remote)
• %{xxx}t write timestamp at the end of the request formatted using the enhanced SimpleDateFormat pattern xxx

All formats supported by SimpleDateFormat are allowed in %{xxx}t. In addition the following extensions have been added:

• sec - number of seconds since the epoch
• msec - number of milliseconds since the epoch
• msec_frac - millisecond fraction

These formats can not be mixed with SimpleDateFormat formats in the same format token.

Furthermore one can define whether to log the timestamp for the request start time or the response finish time:

• begin or prefix begin: chooses the request start time
• end or prefix end: chooses the response finish time

By adding multiple %{xxx}t tokens to the pattern, one can also log both timestamps.

The shorthand pattern pattern="common" corresponds to the Common Log Format defined by '%h %l %u %t "%r" %s %b'.

The shorthand pattern pattern="combined" appends the values of the Referer and User-Agent headers, each in double quotes, to the common pattern.

When Tomcat is operating behind a reverse proxy, the client information logged by the Access Log Valve may represent the reverse proxy, the browser or some combination of the two depending on the configuration of Tomcat and the reverse proxy. For Tomcat configuration options see Proxies Support and the Proxy How-To. For reverse proxies that use mod_jk, see the generic proxy documentation. For other reverse proxies, consult their documentation.

The Extended Access Log Valve extends the Access Log Valve class, and so uses the same self-contained logging logic. This means it implements many of the same file handling attributes. The main difference to the standard AccessLogValve is thatExtendedAccessLogValve creates log files which conform to the Working Draft for the Extended Log File Format defined by the W3C.

The Extended Access Log Valve supports all configuration attributes of the standard Access Log Valve. Only the values used for className and pattern differ.

Values for the pattern attribute are made up of format tokens. Some of the tokens need an additional prefix. Possible prefixes are c for "client", s for "server", cs for "client to server", sc for "server to client" or x for "application specific". Furthermore some tokens are completed by an additional selector. See the W3C specification for more information about the format.

The following format tokens are supported:

• bytes - Bytes sent, excluding HTTP headers, or '-' if zero
• c-dns - Remote host name (or IP address if enableLookups for the connector is false)
• c-ip - Remote IP address
• cs-method - Request method (GET, POST, etc.)
• cs-uri - Request URI
• cs-uri-query - Query string (prepended with a '?' if it exists)
• cs-uri-stem - Requested URL path
• date - The date in yyyy-mm-dd format for GMT
• s-dns - Local host name
• s-ip - Local IP address
• sc-status - HTTP status code of the response
• time - Time the request was served in HH:mm:ss format for GMT
• time-taken - Time (in seconds as floating point) taken to serve the request
• x-threadname - Current request thread name (can compare later with stacktraces)

For any of the x-H(XXX) the following method will be called from the HttpServletRequest object:

• x-H(authType): getAuthType
• x-H(characterEncoding): getCharacterEncoding
• x-H(contentLength): getContentLength
• x-H(locale): getLocale
• x-H(protocol): getProtocol
• x-H(remoteUser): getRemoteUser
• x-H(requestedSessionId): getRequestedSessionId
• x-H(requestedSessionIdFromCookie): isRequestedSessionIdFromCookie
• x-H(requestedSessionIdValid): isRequestedSessionIdValid
• x-H(scheme): getScheme
• x-H(secure): isSecure

There is also support to write information about headers cookies, context, request or session attributes and request parameters.

• cs(XXX) for incoming request headers with name XXX
• sc(XXX) for outgoing response headers with name XXX
• x-A(XXX) for the servlet context attribute with name XXX
• x-C(XXX) for the first cookie with name XXX
• x-O(XXX) for a concatenation of all outgoing response headers with name XXX
• x-P(XXX) for the URL encoded (using UTF-8) request parameter with name XXX
• x-R(XXX) for the request attribute with name XXX
• x-S(XXX) for the session attribute with name XXX