Hi,
I have a JIRA instance running on Tomcat. I am trying to parse the Tomcat Access Log to finally display it in a Kibana Dashboard so that I can monitor the usage.
My typical access log line looks like this :
100.10.10.10 1x756917x1 collabin [12/May/2020:00:01:25 +0530] "GET /rest/api/2/project/ABC HTTP/1.1" 200 4759 466 "-" "-" "11nppm7"
where "collabin" is the user name which is clear for me.
I noticed many other log lines where the user name is just a "-". For example when a user loads a JIRA dashboard:
100.10.10.10 1x756921x1 - [12/May/2020:00:01:38 +0530] "GET /secure/Dashboard.jspa HTTP/1.1" 200 36019 147 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-"
I have searched for an answer and what I got is "it is the Remote user that has been authenticated. If there is none, it’s a hyphen (-)".
I wish to capture the username for monitoring the usage metrics. What can be inferred from a user name which is "-" ? Should I monitor the adjacent log lines to get the actual user who loaded the Dashboard ? Or should I treat them as JIRA internal calls and discard ?
This is the entry that you will see before the user has logged in. Until the user identifies themselves by logging and a creating a session cookie, Tomcat has no way to associate the call with a specific user. You need to treat these as anonymous users. You could look at the following lines in the log correlating them by IP address to resolve the user who initially tried to reach the Jira page.
Online forums and learning are now in one easy-to-use experience.
By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.