the cool thing about apache is that if configured correctly it will log all access and all errors. sadly, apache, by default, writes its logs on the local system and not via syslog processes. crap.
i really really don't want to go to each of my boxes and grep through /var/log/apache/blah.txt, how do i throw the logs access the network?
well, most linux boxes have tee and logger. tee is a nice program that basically say, do this and this. logger can send arbitrary data to syslog. yay.
in my enabled site, i changed my ErrorLog and CustomLog sections from this:
ErrorLog /var/log/apache2/error.log CustomLog /var/log/apache2/access.log combinedto this:
ErrorLog "|/usr/bin/tee -a /var/log/apache2/error.log | /usr/bin/logger -thttpd -plocal6.err" CustomLog "|/usr/bin/tee -a /var/log/apache2/access.log | /usr/bin/logger -thttpd -plocal6.notice" combinedi'm calling local6 and sending it off to syslog in httpd format. neat.
since i'm using rsyslogd, i edited my /etc/rsyslog.d/50-default conf to pipe off my logs to my remote syslog server:
auth,authpriv.*;local6.* @remotesyslogserverif you'd rather not log to /var/log/syslog, add: local6.none to the -/var/log/messages stanza.
reload your daemons and voila.