Apache webserver logs are located in the
logs catalogue. Secure HTTPS connection logs are located in
Here is an example of a log line:
example.com 2021-03-08T13:58:23.209048Z 184.108.40.206 12345 - user1 "GET / HTTP/2" 200 3390 "https://example.com/referer" "ApacheBench/2.3" 1621846 (064FD630-5.001)
Description of log line elements:
|example.com||Request target Domain/Host|
|2021-03-08T13:58:23.209048Z||START Time of request in UTC|
|220.127.116.11||Requester’s IP address|
|12345||Request’s Port of origin .
If Port is 0, the request was made through a trustworthy proxy (like Cloudflare)
|–||Identd legacy, it is always
|user1||HTTP Basic Auth username. If Basic Auth is not used,
|“GET / HTTP/2”||Request originating from client
|200||Request response code returned from server.
|3390||Request response size in bytes.|
|“https://example.com/referer”||Referrer is the referral address from which the request was made|
|“ApacheBench/2.3”||The web browser or application that performed the request.|
|1621846||Time in microseconds, how long it took the web server to respond to the request.|
|(064FD630-5.001)||064FD630 is PHP-ZFPM identificator. After the hyphen is the time in seconds (5.001s), how long it took PHP to process the request.
If brackets contain