How to truncate the request URL written to the Web Server 6.1 access log.

Q:  How can I trim the request line written to the access logs so that the whole
    URL is not written but only a piece?

    This can be an important consideration where there is the possibilit that
    sensitive data such as a password may be written to the log files in
    clear text.

example line written to access log:

135.155.56.162 - - [26/Jan/2009:20:53:04 -0500] "GET
/US/ABC/signon/DisplayUsernameSignon.do?password=nevershowthis

and here is what we would like to see:

/US/ABC/signon/DisplayUsernameSignon.do

A:  To accomplish this for a single particular URL as is listed the following
    can be performed:

<Object ppath="\*(\*/ABC/sign/DisplayUsernameSignon.do\*)">
AuthTrans fn="set-variable" set-reqpb="clf-request=/ABC/sign/DisplayUsername.do"
</Object>


The above has the effect of rewriting the clf-request in the access logs
to change it to just /JSO/sign/DisplayUsername.do.

This solution will work for one particular URL but to do this for all URL's
it would require the creation of an NSAPI filter.
Comments:

Post a Comment:
  • HTML Syntax: NOT allowed
About

Gregory Bedigian

Search

Categories
Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today