Enabling access logging

Owned by Adaptavist ScriptRunner for Confluence Cloud
Last updated: Apr 08, 2022 by Ray Lee
2 min read

By enabling access logging, you can log each of the HTTP (or HTTPS) accesses to your CollectionSpace system. By doing so, you can view listings of:

  • Requests made to your system, including their URLs and query parameters.
  • Timestamps identifying when the responses to these requests were returned.
  • Details about each response, including status codes indicating success or error, and the number of bytes returned.
  • (Optional) The round-trip timings for each request made to your system, useful when tuning performance.


Enabling access logging - which is turned off by default - is a recommended best practice. Logging accesses to your CollectionSpace system can often help you troubleshoot configuration, operational, security, and performance issues.

Procedure

To enable access logging:

  1. If the CollectionSpace server is running, stop the server
  2. Edit the file $CSPACE_JEESERVER_HOME/conf/server.xml.

  3. Uncomment the AccessLogValve directive in this file, by removing any XML comment markers (<!-- and –>) that may be present around that section:

    <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" prefix="localhost_access_log." suffix=".txt" pattern="common" resolveHosts="false"/>

  4.  (Optional) To add round-trip timings to access log entries, identifying how long each request to your CollectionSpace system took to process and send a response, change the value of the pattern= attribute from "common" to the pattern value below, exactly as shown:

    <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" prefix="localhost_access_log." suffix=".txt"  pattern="%h %l %u %t &quot;%r&quot; %s %b %T" resolveHosts="false"/>

  5. (Optional) To add the CollectionSpace user ID of the user performing an authenticated request, add %{org.collectionspace.authentication.user}r to the above pattern, as shown below:

    <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" prefix="localhost_access_log." suffix=".txt"  pattern="%h %l %u %{org.collectionspace.authentication.user}r %t &quot;%r&quot; %s %b %T" resolveHosts="false"/>
  6.  Restart the CollectionSpace server

Test

After making this change and restarting the CollectionSpace server, look in your server's log directory for access log files.

The server log directory is:
$CSPACE_JEESERVER_HOME/logs

The access log files will all have filenames containing access_log and will look something like this example: localhost_access_log.2012-07-25.txt. Their names may vary, depending on your server and the current date.

Summary

By following the steps above, you will have enabled access logging for your CollectionSpace system. This will log data about requests to your system, and the responses returned, which can be useful when troubleshooting configuration or operational issues.