On Fri, 28.06.13 16:33, Matthew Miller (mattdm(a)fedoraproject.org) wrote:
On Fri, Jun 28, 2013 at 09:48:58PM +0200, Zbigniew Jędrzejewski-Szmek
wrote:
> 'uid' as default doesn't make sense, at least with the current way of
accesing
> logs. It is really nice to be able to view messages about a service
> interleaved from various sources. Now when you say 'journalctl -u httpd',
> you get logs from the processes in the httpd.service, but also messages
> from systemd about this service, and possibly information about coredumps
> and hopefully, soon, messages from setroubleshoot. With 'uid', and looking
> only at one file, you'd get only the first kind.
But many cases for accesssing HTTP logs don't need that kind of mixed
information. The service is running fine, but people or programs may want to
look for information about visitors, hits, referrers, etc., etc.
The sysadmin wants the unified view, but the web admin just needs http logs.
Never mind the basic principle of least necessary privilege -- all that
other stuff is just "noise".
That's why we are so strong on filtering the dataset when you look at
it. May I recommend watching this video?
https://www.youtube.com/watch?v=i4CACB7paLc
if you want apache's logs, then run "journalctl -u httpd"...
Lennart
--
Lennart Poettering - Red Hat, Inc.