HTTPD24_ERRORLOG fails if module not present
jordi-domingo opened this issue · comments
Jordi Domingo Ballesta commented
Issue description
For Apache 2.4 error logs, if the module string is empty, the HTTPD24_ERRORLOG grok pattern fails (_grokparsefailure
).
Example log entry:
[Tue Apr 14 14:27:52.605084 2020] [:error] [pid 5688] [client XX.XX.XX.XX:8196] script '/XXX/wp-login.php' not found or unable to stat
Workaround
Expand %{HTTPD24_ERRORLOG}
and replace this part:
\[%{WORD:module}:%{LOGLEVEL:loglevel}\]
with this:
\[(%{WORD:module})?:%{LOGLEVEL:loglevel}\]
Details for fast resolution
- Version: 7.6.1
- Operating System: docker on Ubuntu 18.04