HTTP access logging

You can configure access log settings for HTTP endpoints. An HTTP access log contains a record of all inbound client requests that are handled by HTTP endpoints. You can enable access logging in the HTTP server or the Liberty server in two modes:

  • A single log for multiple endpoints

  • One log for each endpoint

If you do not specify attributes, the defaults are used. To see a list of the default attributes, see httpAccessLogging.

HTTP access log settings

  • Using a common log

    To enable logging for multiple endpoints with common settings, include httpAccessLogging as a top-level element in your server.xml file, and then reference it from multiple httpEndpoint elements, as shown in the following example:

<httpAccessLogging id="accessLogging"/>
<httpEndpoint id="defaultHttpEndpoint" accessLoggingRef="accessLogging" httpPort="9080" httpsPort="9443"/>
<httpEndpoint id="otherHttpEndpoint" accessLoggingRef="accessLogging" httpPort="9081" httpsPort="9444"/>
  • Using distinct logs for each endpoint

    To enable logging for individual endpoints, use an accessLogging child element and specify a file path that does not conflict with other logs, as shown in the following example:

<httpEndpoint id="defaultHttpEndpoint" httpPort="9080" httpsPort="9443">
    <accessLogging filepath="${server.output.dir}/logs/http_defaultEndpoint_access.log"/>

HTTP access log format

Use the accessLogFormat property to specify the information and format you want to include in the NCSA access log for an HTTP transport channel. The value for this property is a space-separated list of options.

This log format string is specified by using the logFormat attribute of httpAcccessLogging or accessLogging elements in the server.xml file, as shown in the following examples:

<httpAccessLogging logFormat='%h %u %{t}W "%r" %s %b %D %{R}W'/>


<httpEndpoint id="defaultHttpEndpoint" httpPort="9080" httpsPort="9443">
   <accessLogging filepath="${server.output.dir}/logs/http_defaultEndpoint_access.log"
                  logFormat='%h %i %u %t "%r" %s %b %D %{R}W' />

The following table lists the available log format options.

Log format option Description


Remote IP address


Local IP address


Response size in bytes excluding headers


Response size in bytes excluding headers 0 is printed instead of - if no value is found.

%{CookieName}C or %C

The request cookie specified within the brackets. If the brackets are not included, prints all of the request cookies.


The elapsed time of the request - millisecond accuracy, microsecond precision


Remote host

%i or %{HeaderName}i

HeaderName header value from the request


Request method

%o or %{HeaderName}o

HeaderName header value from the response


Output the query string with any password escaped


First line of the request


Service time of the request from the moment the request is received until the first set of bytes of the response is sent - millisecond accuracy, microsecond precision


Status code of the response


NCSA format of the start time of the request


The current time when the message to the access log is queued to be logged in normal NCSA format.


Remote user according to the Open Liberty-specific $WSRU header.


URL Path, not including the query string


Cross Component Tracing (XCT) Context ID

Each option can be enclosed in quotation marks, but the quotation marks are not required. Unless otherwise noted, a value of - is printed for an option if the requested information cannot be obtained for that option.

The order that you specify the options determines the format of this information in the log. For example, you might specify the following directives as the value for the accessLogFormat property:

 %h %i %u %t "%r" %s %b %D %{R}W

Based on this setting, the NCSA access log will include the following information for each request in the specified order:

  • The remote host

  • The HeaderName header value from the request

  • The remote user according to the WebSphere Specific $WSRU header

  • The NCSA format of the start time of the request

  • The first line of the request

  • The status code of the response

  • The response size in bytes excluding headers

  • The elapsed time of the request in microseconds, end-to-end, including client and network time

  • The elapsed time in microseconds until the first bytes of the response are sent. This value is often a close approximation of application response time.