The following is a useful receipe. It allows you to quickly see logs of a running web application in real time.
In my case I had a simple Python web application which Apache was proxying. The app was an endpoint for AmazonSNS. I needed to see, at remote locations, the Apps handling of data it received. I didn't want to develop this functionality in the App.
I don't make this logging publically available. I added basic access restriction to prevent general access. It also allows me to share the logs with third parties. This saves me having to ssh and get the log file I would then send to them. They can see the servers handling of their data, without needing help from me or shell access.
I did the following on an Ubuntu server with Apache2 and Netcat.
Create an initctl entry to manage the log
# Create a new service with the following contents
sudo vi /etc/init/someservicelogtail.conf
# /etc/init/someservicelogtail.conf
#
description "Server log tailer upstart script"
start on startup
start on runlevel [2345]
stop on shutdown
#expect fork
respawn
console output
pre-start script
end script
script
su - ubuntu -c "tail -f /path-to-logdir/Server.log | nc -l 18080 2>&1 "
end script
post-stop script
end script
Start / Status / Stop commands to start, stop and check the log tailer is working
# start service running $ sudo initctl start someservicelogtail someservicelogtail start/running, process 27974 $ # Check it is running: $ sudo initctl status someservicelogtail someservicelogtail start/running, process 27974 $ # An stop if you need to at some point in the future: $ sudo initctl stop someservicelogtail someservicelogtail stop/waiting $
Now create an entry in apache to proxy to the the log output at a certain uri
# Edit the apache configuration for your site. In my case this was added to a VirtualHost entry
vi /etc/apache2/sites-available/someconfigforsite.conf
# Snip. You will need to add this to you virtualhost or configuration
# for the domain running the server.
#
<VirtualHost>
# :
# other set up.
#
# This goes above any entry for your server if it is proxy passed:
<Location /log>
# http(s)://external-url-dot-something/log will come to the netcat log service:
#
# retry=0: Keep trying each request, no waiting to retry connection
# to logtail service if its down:
ProxyPass http://localhost:18080 retry=0
ProxyPassReverse http://localhost:18080
# Basic access restriction to log data:
AuthUserFile /etc/log-access
AuthName "Develop/Debug Log Access"
AuthType Basic
require valid-user
</Location>
# Other server configuration
# :
</VirtualHost>
Test the apache configuration and reload
# Successful run of the following should look like: # # Syntax OK # * Reloading web server config apache2 [ OK ] # sudo apache2ctl configtest && sudo /etc/init.d/apache2 reload
Create the basic auth details
# -c create, used first time only. To change the password don't use it. # The log-access needs to be readable by Apache: htpasswd -c /etc/log-access username # You will be prompted for a password
Test the log tail
Open a browser and go to the http://.../log URL and enter the user and password when requested. Log entries will appear only when there is output to the log. The browser will continually load entries as they appear. The most recent entry is at the bottom of the page.