Skip to main content

Sample Apache Tomcat 7 Access Log Field Extraction Rule

Rule Name: Tomcat Access Log

Log Type: Apache Tomcat 7 Access Log

Rule Description: Parse the Remote IP address, Method, Requested URL path, HTTP status code, Time Taken, and Bytes Sent.

Sample Log:

192.100.20.135 - - [07/Oct/2014:22:44:16 +0000] "GET /ServiceAPI/mappings/123456/load HTTP/1.1" 200 1414 6234

Extraction Rule:

| parse regex "(?<ip>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}? )" | parse regex "\"(?<method>\D{1,7}? )" | parse regex "\"\D{1,7} (?<url>\S{1,2048}? )" | parse regex "\" (?<status>\d{3}? )" | parse regex "\" \d{3} (?<time_taken>\d{1,}? )" | parse regex "\" \d{3} \d{1,} (?<bytes_sent>\d{1,}?)"

Resulting Fields:

Field NameDescriptionExample
ipThe client IP address. 192.100.20.135
methodHTTP request method. GET
urlResource requested by the client./ServiceAPI/mappings/123456/load
statusHTTP response status code. 200
time_takenTime taken to process the request.1414
bytes_sentCount of bytes sent.6234
Status
Legal
Privacy Statement
Terms of Use

Copyright © 2024 by Sumo Logic, Inc.