Weblogic – Http Access logs

Http(s) is a fantastic protocol we have around. As Http connections are stateless & media independent, we recently saw trend for REST services over SOAP services. My current project expose most of the services as Http. So, when coming to monitoring these services, we had handful of options to choose from. However, the data in the access logs is a sweet spot.

The access logs has most of the critical information that are really necessary by default log format : Common Log Format. Some are client information(ipAddress), Url, Http status (200, 404, 500,etc), size of the payload,. But, if we need additional parameters that needs to be logged, we need to use Extended Log Format (ELF). ELF allows us to write a customized logic by implementing the java class : weblogic.servlet.logging.CustomELFLogger and over-riding logField().

If you need to change the format, you can do it from console by following clicks : Home >Summary of Servers > <name of the server> –> Logging –> HTTP –> Click on Advanced –> Format.

Remember that, weblogic comes with the default settings of ‘Log File Buffer’ as 8kb. This means that some access logs are stored in memory (ie. the size we set in the field buffer) before it is really available in access.log file. Of course, we can change the buffer size to 0 to force the weblogic to write the log information in the file.

Below are the some of the article which will help you to understand better :

  1. Enable & configure Http Logs.
  2. Setting up access logs with little more information.
  3. AMIS’s Extended log format using customized field.
  4. Access log not being written immediately. 

I am working on Oracle’s stream processing to forward the logging information to event processor to have some advanced monitoring & alert in place. I will write more on this topic soon. :).