How to view access logs?

Q: How to view access logs?

SSLcat's access logging feature provides complete access trail tracking and monitoring, with detailed log analysis and statistical reports.

SSLcat provides a complete access logging feature that allows you to track all access requests, analyze access patterns, and monitor system status.

Log Types

SSLcat generates several types of logs:

Access Log - Records all HTTP/HTTPS requests
Error Log - Records errors and exception information
Security Log - Records security-related events
System Log - Records the system's operational status

Access Log Format

The access log contains detailed information:

2024-01-15 10:30:45 192.168.1.100 GET /api/users 200 1.2s "Mozilla/5.0..."
2024-01-15 10:30:46 192.168.1.101 POST /api/login 401 0.8s "curl/7.68.0"
2024-01-15 10:30:47 192.168.1.102 GET /static/style.css 200 0.1s "Mozilla/5.0..."

Log Configuration

Configure the log output format and level:

# Logging configuration
logging:
  level: "info"
  format: "json"
  output: "file"
  
  # Access log
  access_log:
    enabled: true
    file: "/var/log/sslcat/access.log"
    format: "combined"
    rotation:
      max_size: "100MB"
      max_files: 10
  
  # Error log
  error_log:
    enabled: true
    file: "/var/log/sslcat/error.log"
    level: "error"

Real-time Log Viewing

View log files in real time:

# View access log
tail -f /var/log/sslcat/access.log

# View error log
tail -f /var/log/sslcat/error.log

# View system log
journalctl -u sslcat -f

Log Analysis

Analyze logs using command-line tools:

# Count access volume
awk '{print $1}' /var/log/sslcat/access.log | sort | uniq -c | sort -nr

# View error requests
grep " 4[0-9][0-9] " /var/log/sslcat/access.log

# View 5xx errors
grep " 5[0-9][0-9] " /var/log/sslcat/access.log

# Analyze response times
awk '{print $NF}' /var/log/sslcat/access.log | sort -n

Admin Panel Logs

View logs through the web admin panel:

Real-time Logs - Display the latest logs in real time
Log Search - Search by time, IP, status code
Log Filtering - Filter by log level
Log Export - Export log files

Log Rotation

Configure log rotation to prevent log files from becoming too large:

# logrotate configuration
/var/log/sslcat/*.log {
    daily
    rotate 30
    compress
    delaycompress
    missingok
    notifempty
    create 644 sslcat sslcat
    postrotate
        systemctl reload sslcat
    endscript
}

Monitoring and Alerting

Log-based monitoring and alerting:

Error Rate Monitoring - Monitor 4xx/5xx error rates
Access Volume Monitoring - Monitor for abnormal access volume
Response Time Monitoring - Monitor response times
Security Event Monitoring - Monitor security-related events

Log Analysis Tools

Recommended log analysis tools:

ELK Stack - Elasticsearch + Logstash + Kibana
Grafana - Visualization monitoring panel
Prometheus - Metrics collection and monitoring
GoAccess - Real-time web log analyzer

Best Practices

Best practices for log management:

Reasonable Configuration - Set an appropriate log level
Regular Cleanup - Periodically clean up old log files
Monitoring and Alerting - Configure alerts for key metrics
Backup Strategy - Back up important log files

With a comprehensive logging system, you can better monitor and manage your SSLcat services.