-
Like syslogd, Apache runs piped logging applications as root.
Use secure programming practices! Careful input validation and/or "tainting"
recommended.
-
Unlike syslogd, Apache starts piped logging applications
immediately, not on first message.
-
If the application terminates, Apache will restart it when
the next message arrives
-
Like syslogd, Apache uses sh(1) to run log monitors. Use
exec
to eliminate the shell's overhead or to avoid "stacking" shells.
-
To avoid problems with different log formats, use a custom
log format. Or, use the error log, whose format is almost
fixed. (Caveat: HostNameLookups does affect the error log format.)
|