40.13. Configuring Logging
By default, ProFTPD logs all transfers to the file /var/log/xferlog in the standard FTP logging format (unless a different path has been selected at compile time). You can configure the server to log transfers to and from each virtual server differently, however, and anonymous FTP traffic as well. This is most useful in a virtual hosting environment in which your system hosts FTP sites for many different customers.
It is also possible to define additional log files that use different formats, and optionally include only a subset of FTP commands. This can be useful if you only care about uploads and don't want your log files clogged up with useless information.
To configure where and how logs are written globally or for an individual virtual server, follow these steps:
1. | If you want to change the location of the global log file that is used for all transfers (unless overridden by a virtual server), click on the Logging icon on the main page. If you want to configure a specific virtual server to use a different log file, click on its icon and then on the Logging icon on the virtual server options page. To change the logging settings for anonymous clients only, click on a virtual server icon, then on Anonymous FTP and finally on the Logging icon on the anonymous FTP options page. |
2. | On the resulting logging options form, the FTP transfers logfile field controls where logs are written to. To specify a file, select the last option and enter a full path like /var/log/example.com.xfers, into the adjacent text field. To turn off logging altogether, select Logging disabled. To use the global default, select the Default option. If you are editing the global logging settings, ProFTPD will use the compiled-in default log file /var/log/xferlog. |
3. | The Custom logfiles table can be used to define additional logs for specific commands and with arbitrary formats. As usual, it will always have one empty row for adding a new custom log file. To add one, fill in the fields under these headings: Logfile The full path to the log file, such as /home/example.com/ftplog. For FTP commands If All is selected, all FTP commands will be logged. If you choose the second option, however, only those command classes in the adjacent text box will be included. Recognized classes are NONE (no commands), ALL (all commands), INFO (information requests), DIRS (directory navigation), READ (file download), WRITE (file upload and directory creation), SITE (non-standard commands like CHMOD), and MISC (other miscellaneous commands). Multiple classes must be separated by commas, like READ,WRITE. You cannot use the names documented in Section 40.12 “Restricting Access to FTP Commands”. Log format If Default is selected, the standard FTP log format will be used. But if the second option is chosen, you must enter a recognized log format name into the text box. The next paragraph explains how to set up named log formats. Because only one empty row appears in the table, you can only add one custom log at a time. To add more, click on the Logging icon again after saving and fill in the new blank row. To delete a custom log, just clear out its field in the Logfile column. |
4. | Click the Save button to save the new settings, and then click Apply Changes on the main page to activate them. |
If you want to use your own custom formats for log files, they must first be defined globally. To create a format, complete the following steps:
1. | On the module's main page, click on the Logging icon to bring up the global log file options page. |
2. | The Custom log formats table is for defining your own formats. In the first blank field under Format name, enter a short name for your new format such as filesonly. In the field next to it, under Format string, enter text containing the log codes recognized by ProFTPD, like Downloaded %f at %t. The special codes in the string starting with % are replaced by the server with information about the command, as explained in Table 40.3. As usual, you can add more than one custom format by re-entering the page after saving so that a new blank row appears. A format can be deleted by just clearing out its Format name field. |
3. | Click the Save button to return to the main page, and then click Apply Changes. The new format can now be used in custom log files. |
According to the ProFTPD documentation, the recognized log format codes are those shown in Table 40.3.
| %a | Remote client IP address |
| %A | Anonymous password, or UNKNOWN for non-anonymous clients |
| %b | Bytes sent for request |
| %{NAME}e | Contents of environment variable NAME. Note that the server does not set any environment variables itself. |
| %f | The absolute filename stored or retrieved |
| %F | The filename stored or retrieved, as the client sees it |
| %h | Remote client DNS name |
| %l | Remote username (from ident), or UNKNOWN if none is available |
| %L | Local server IP address |
| %m | FTP command name received from client, such as RETR |
| %p | Local server port number |
| %P | Local server process ID |
| %r | Full command line received from client |
| %s | Numeric FTP response code |
| %t | Current local time |
| %{FORMAT}t | Current local time formatted by the standard UNIX strftime function using FORMAT |
| %T | Time taken to transmit or receive the file, in seconds |
| %u | Local authenticated username as which the client logged in |
| %v | Name of the virtual server that the client is connected to, from the ProFTPD configuration |
| %V | DNS name the virtual server that the client is connected to |
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.