Forum OpenACS Q&A: Storing cookie info or user IDs in the access log

Collapse
1: Storing cookie info or user IDs in the access log
Posted by David Gering on 04/20/01 10:41 PM
I want my log analyzer to produce streams of actions per user.
However, the default log setup only differentiates users by IP. This
does not work at all for an AOL user who can show up with several
different IPs. If I could configure the access log (nslog) to store
the user ID from the cookie, then I could use that to mark unique
users. Anyone know how to do this?
Collapse
2: Response to Storing cookie info or user IDs in the access log (response to 1)
Posted by Justin Ross on 04/20/01 10:59 PM

Here's how we do it:

ns_section "ns/server/${servername}/module/nslog"
ns_param   debug           true
ns_param   dev             true
ns_param   rolllog         true
ns_param   rollonsignal    true
ns_param   rollhour        0
ns_param   maxbackup       999
ns_param   file            ${homedir}/log/${servername}.log
ns_param   logcombined     true
ns_param   extendedheaders COOKIE

We are using this build of AOLserver:

AOLserver/3.2+ad10 (aolserver3_2_ad10)
   CVS Tag:         $Name: aolserver3_2 $
   Built:           Dec  5 2000 at 17:14:44
   Tcl version:     8.3
   Thread library:  pthread
   Platform:        linux
Collapse
3: Response to Storing cookie info or user IDs in the access log (response to 1)
Posted by Justin Ross on 04/20/01 11:06 PM
I should qualify the above: that is how we get cookie data in our access log.  You'll have to do some more work to boil each entry down to a user_id.
Collapse
4: Response to Storing cookie info or user IDs in the access log (response to 1)
Posted by Vadim Nasardinov on 05/04/01 04:09 PM

To furhter qualify Justin's suggestion, you can write user_id's directly into the access log without having to "massage cookies". Like Justin said, you would put something like this in your server config file: 

ns_param ExtendedHeaders X-User-Id

And then you would have to make sure the following code gets run on every request, before you serve the page. 

ns_set put [ns_conn headers] X-User-Id "user_id=$user_id"
Collapse
5: Response to Storing cookie info or user IDs in the access log (response to 1)
Posted by Jonathan Ellis on 06/27/02 05:40 PM
With reference to Vadim's suggestion, more specifically, in OACS 3.x what you'd do is put the following lines in sec_read_security_info before return "filter_ok": 
    if [info exists ad_sec_user_id] {
        set user_id $ad_sec_user_id
    } else {
        set user_id 0
    }
    ns_set put [ns_conn headers] X-User-Id "user_id=$user_id"
Collapse
6: Re: Storing cookie info or user IDs in the access log (response to 1)
Posted by Rocael Hernández Rizzardini on 05/28/03 12:35 AM
Does anyone knows if analog can gives you a per user_id report in the sense of which urls has been requested by a user?

if yes, how to do that?

Collapse
7: Re: Response to Storing cookie info or user IDs in the access log (response to 5)
Posted by Joel Aufrecht on 06/24/03 09:30 PM
Should this go in as a patch?  How harmless is it?  Does putting the user_id in the HTTP headers matter if the user id is often in the url anyway?  Is there a performance impact?  Should we make this the default behavior in conjunction with adding matching code to config.tcl to capture it?  Does the extra data in the access log break the standard log format?
Collapse
8: Re: Storing cookie info or user IDs in the access log (response to 1)
Posted by Rocael Hernández Rizzardini on 06/24/03 09:45 PM
Yes Joel, you can put it as the default behaivor on config.tcl, it won't affect the access.log.
We are in a point to release an small package to handle the reports with analog.
Collapse
9: Re: Response to Storing cookie info or user IDs in the access log (response to 7)
Posted by Andrew Piskorski on 06/25/03 09:13 AM
Joel, it is completely harmless, as the user_id is being added to the incoming HTTP headers not any outgoing headers. Yes, it sounds odd, but that is actually the way it works. And no, adding the extra data to the access log shouldn't break anything trying to read it.

Here are yet three more threads dicussing this issue: Nov. 2001, May 2002, April 2003.

Collapse
10: write user_id to the server log on error? (response to 9)
Posted by Andrew Piskorski on 08/02/05 09:59 PM
As I mentioned back in 2002, it is easy to write the OpenACS user_id to the AOLserver access log on each and every hit. However, when an error occurs, it would be really nice if the user_id was included with the error stack trace in the error log, but there is no obvious way to do this.

Has anyone since come up with a way to log the user_id to the error log whenever a page throws a Tcl error?