apache error and access logs are missing, what could be the cause and how can I recreate them?

by Itai Ganot   Last Updated August 13, 2019 23:00 PM - source

I've been given a task to understand why 2 CentOS web servers running apache 2.2.3 are experiencing very high loads on specific occasions. The first thing I checked was /var/log/messages but then I realized that rsyslog is turned off for some reason, so I started it and turned it on using chkconfig. Then, I wanted to check apache error and access logs, so I browsed to /var/log/httpd but found the folder to be empty. I've checked /etc/httpd/conf/httpd.conf and saw these lines:

ErrorLog logs/error_log
CustomLog logs/access_log combined

As far as I know it refers to /var/log/httpd/ but as said before the folder is empty. While writing this question I've looked for the httpd version on the server and ran httpd -v and that's the response I got:

[[email protected] httpd]# httpd -v
Server version: Apache/2.2.3
Server built:   May  4 2011 06:51:15
Unable to open logs

My questions are:

  1. What could cause the logs to disappear? (It is possible they were never created in the first place)
  2. How can I recreate the logs and make sure data is written to them?
  3. Which permissions should be set on /var/log/httpd? The current permissions are: drwx------ 2 root root

Thanks in advance

Answers 2

When path references in an Apache configuration are not absolute (i.e. don't start with /) they are relative to the directory set in the ServerRoot directive. A common default for the ServerRoot is /etc/httpd making /etc/httpd/logs your log directory.

Most packaged Apache versions create a symbolic link from /etc/httpd/logs to /var/log/httpd. Either the actual directory in /etc/httpd is missing (or the root filesystem is full) or the symbolic link may be missing in your setup.

Apache gets started by root and opens the log files as root before dropping privileges so those directory permissions on /var/log/httpd seem correct.

July 07, 2014 13:13 PM

My problem was that there was no Log directive for the access log. I followed the instructions here https://ubuntuforums.org/showthread.php?t=1704686 which basically says:

On ubuntu, you're supposed to have a file named /etc/apache2/conf.d/other-vhosts-access-log with the following contents:

# Define an access log for VirtualHosts that don't define their own logfile
CustomLog ${APACHE_LOG_DIR}/other_vhosts_access.log vhost_combined

I was missing this, which is why I didn't get the logs.

Amichai Schreiber
Amichai Schreiber
January 23, 2017 11:33 AM

Related Questions

How to redirect HTTP post request

Updated March 28, 2016 08:00 AM