Clarity: How do I activate enhanced logging for app-access logs using Apache Tomcat?

Document ID : KB000052322
Last Modified Date : 14/02/2018
Show Technical Document Details

Description:

This is useful for both out-of-memory and performance issues:

Access logs are produced by the frontend web server that is connected to your application server. By default this exists for Tomcat but not for Websphere and Weblogic. Frontend webservers need to be setup to be able to product app-access.logs. The information below is targeted for Tomcat.

By default Clarity sets up Tomcat to use the "common" access log valve in Apache.

The class in use is org.apache.cataline.valves.FastCommonAccessLogValve.

Generally speaking the FastCommonAccessLogValve produces some useful data not enough data to make the access.log useful as a troubleshooting tool. This is especially true when an environment is behind a load balancer (LB). When behind a load balancer only the IP address of the LB is pushed through to the log and the independent client IP is not logged. There is no way to know "who" the requestor was. There is also a limitation to finding out when the request was triggered. The timestamp in the log is when the request was completed, not when it started.

This code is set in:

%CLARITY_HOME%/.setup/scripts/j2ee/tomcat
 
<apply parent="/Server/Service/Engine/Host" select="Valve">
<![CDATA[
      <Valve className="org.apache.catalina.valves.FastCommonAccessLogValve"
      directory="${install.dir}/logs" prefix="${app.id}-access-" suffix=".log"
      pattern="common" resolveHosts="false"/>
   ]]>
</apply>
 
This logging is useful but does not include elapsed time, is not easily imported into a spreadsheet and does not contain session data.

Solution:

A new enhanced logging format, which uses the AccessLogValve class (instead of the FastCommonAccessLogValve) has been created to provide elapsed time, a delimited format for accessing the data and session id's to help identify users when load balancers are used.

Access the file, %CLARITY_HOME%/.setup/scripts/j2ee/tomcat, and change the valve class block.

apply parent="/Server/Service/Engine/Host" select="Valve">
   <![CDATA[
      <Valve className="org.apache.catalina.valves.AccessLogValve"
      directory="${install.dir}/logs" prefix="${app.id}-access-" suffix=".log"
      pattern="%h|%t|%r|%s|%b|%D|%{sessionId}c" resolveHosts="false"/>
   ]]>
</apply>

Save the file then run:

niku stop remove app
niku add deploy start app

(Repeat for all apps in a cluster).

The access log will now produce the following in a "|" (pipe) separated format:

IP address of requestor|
Date/Time of the completed request|
URL request|
HTTP Status Code|
Bytes sent back to the client (excluding the header)|

Elapsed time of the request (in ms, can be subtracted from the DateTime to get the request startTime)| Clarity sessionId cookie (a distinct way to group requests, can be tied back to the sessions tables in Clarity to find the user).

For more information on pattern values, go to the following URL http://tomcat.apache.org/tomcat-5.5-doc/config/valve.html.