LabKey Server can log each HTTP request sent to the server, including requests from logged in users, anonymous guest users, and API calls into the server.
Information is written to a text file on the file system using Tomcat's native access logging. Access logs can include details such as queries requested, user information, server actions invoked, etc. By default:
$CATALINA_HOME/logs
directory localhost_access_log.YYYY-MM-DD.txt
The information written to the log, and its format, is controlled by the <Valve> element in the configuration file:
CATALINA_HOME/conf/server.xml
Tomcat's default log format has the following pattern code:
%h %l %u %t "%r" %s %bwhich provides log entries like the following:
0:0:0:0:0:0:0:1 - - [16/Jul/2020:11:45:35 -0700] "GET /labkey/home/helloworld/ query-getQuery.api?dataRegionName=query&query.queryName=things&schemaName=helloworld &query.color%2Fname~eq=Red&query.columns=name&apiVersion=9.1 HTTP/1.1" 200 2746
See below for a description of what each pattern code means. Complete documentation on the Tomcat Access Logging can be found at Access Log Valve
For production installations of the LabKey server, we recommend the following format. Because Tomcat uses an XML configuration file, the quotes need to be encoded. See the <Valve>
example below for guidance.
%h %l %u %t "%r" %s %b %D %S "%{Referer}i" "%{User-Agent}i" %{LABKEY.username}s
This format introduces the following elements:
Also consider 3 other LabKey specific fields that might be of interest in particular circumstances:
Below is an example configuration for using the fields mentioned above:
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" prefix="localhost_access_log." suffix=".txt" pattern="%h %l %u %t "%r" %s %b %D %S "%{Referer}i" "%{User-Agent}i" %{LABKEY.username}s" resolveHosts="false"/>
This configuration provides log entries like the following:
0:0:0:0:0:0:0:1 - - [03/Aug/2020:10:11:16 -0700] "GET /labkey/HiWorld/query-getQuery.api? dataRegionName=query&query.queryName=things&schemaName=helloworld&query.color%2Fname~eq=Red&quer y.columns=name&apiVersion=9.1 HTTP/1.1" 200 2714 186 D9003A0B7132A3F98D1E63E613859230 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.89 Safari/537.36" username@labkey.com
Reference information below was taken from the Tomcat docs at: Access Log Valve
There is also support to write information from the cookie, incoming header, outgoing response headers, the Session or something else in the ServletRequest. It is modeled after the Apache syntax:
When using a load balancer, such as AWS ELB or ALB, you may notice that your logs are capturing the IP address of the load balancer itself, rather than the user's originating IP address. To obtain the source IP address, first confirm that your load balancer is configured to preserve source IPs:
One possible valve configuration pattern to use is:
pattern="%{org.apache.catalina.AccessLog.RemoteAddr}r %l %u %t "%r" %s %b %D %S "%{Referer}i" "%{User-Agent}i" %{LABKEY.username}s %q"