Add request log ID to error & access logs

request_log_id to access and error formats functionality. Enables easier association with access and error records.

Author: WillTheFarmer

.github/CHANGELOG.md

@@ -2,6 +2,7 @@
 - version 1.1.0 - 11/18/2024 - major changes
 - version 1.1.1 - 11/20/2024 - keyword replacement
 - version 2.0.0 - 11/30/2024 - backward incompatible
+- version 2.1.0 - 12/09/2024 - request_log_id functionality
 - [1.0.1] apache_logs.error_systemCodeID corrected line - INTO logsystemCode to INTO logsystemCodeID
 - [1.0.1] remove debugging - SELECT statement from apache_logs.process_access_import, process_error_import & normalize_useragent.
 - [1.0.1] remove whitespace and commented out old code on all stored programs
@@ -38,3 +39,14 @@
 - [2.0.0] add file - CHANGLOG.md - for single place to list all code and database changes
 - [2.0.0] The rest of changes made last month are many modifications and additions from previous version will remain undocumented. 
 - [2.0.0] This version is the application baseline
+- [2.1.0] add request_log_id to access and error formats functionality. Enables easier association with access and error records. 
+- [2.1.0] add columns to load_error_default & load_access_csv2mysql TABLES
+- [2.1.0] modify process_error_parse - replace POSITION function with LOCATE function, removed unrequired brackets, add parsing logic for %v and %L String Formats.
+- [2.1.0] modify process_error_import - add normalization for request_log_id, replace POSITION function with LOCATE function
+- [2.1.0] modify process_access_parse - add parsing for request_log_id, replace POSITION function with LOCATE function
+- [2.1.0] modify process_access_import - add normalization for request_log_id, replace POSITION function with LOCATE function
+- [2.1.0] modify process_access_import - cookie,remoteuser,remoteLogName,referer,requestLogID values of '-' set to NULL. No normalized table value is created.
+- [2.1.0] modify process_access_import - add servernameid to requestlogid before normalization to avoid duplicate requestlogid on consolidation of multiple domain logs.
+- [2.1.0] modify process_error_import - add servernameid to requestlogid before normalization to avoid duplicate requestlogid on consolidation of multiple domain logs.
+- [2.1.0] modify apacheLogs2MySQL.py - add .replace('"', ' in.') to all useragent attributes before UPDATE statement execute. The " in attribute value breaks UPDATE String.
+- [2.1.0] update README.md to describe and explain additional request_log_id functionality

.github/CONTRIBUTING.md

@@ -1,14 +1,14 @@
-To contribute Apache Access or Log formats commonly used that the application is not setup to do please email [email protected] with subject <sup>Additional Import Formats</sup> and I'll consider incorporating the format into import process.
+To contribute Apache Access or Log formats commonly used that application is not setup for please email [email protected] with subject <sup>Additional Import Formats</sup> and I'll consider incorporating the format.
 
 To contribute ideas or comments email [email protected] with subject <sup>ideas or comments</sup> and I'll be sure to reply.
 
-Any organizations, people or person with multiple Apache servers that find this application to be a godsend in log collection financial contributions are greatly appreciated.
+Any organizations, people or person with multiple Apache servers that find application to be a godsend in log collection financial contributions are greatly appreciated.
 
 ### The Repository's ***- Sponsor this project -*** lists three methods to make financial contributions.
 
-There's not alot of code in the final version but I have 800 plus hours of research, design, iteration & development into application. During October I worked crazy long hours around the clock on this. It is way more time then I intended to invest into this project and another project did get put on the back burner but it did produce my first open-source software.
+There's not alot of code in the final version but I have 850 plus hours of research, design, iteration & development into application. During October I worked long hours around the clock on this. It is way more time then I intended to invest into this project and another project did get put on the back burner but it did produce my first open-source software.
 
-I volunteer for a nonprofit organization that needed a simple solution to import Apache logs into MySQL. The Executive Director loves MySQL. First I installed the Apache log_sql_mysql modules which did create a single MySQL mostly empty table of the access log with no control or customization. Next I researched many available Apache logging solutions including GoAccess, Logstach, Apache Viewer, DataDog and others as well as CrowdStrike and Soloarwinds Loggly. I also reviewed several simple log file parsers but none that normalized the parsed log data into a MySQL database. After all my investigating I decided to write a simple solution which snowballed into this complete solution.
+I volunteer for a nonprofit organization that needed a simple solution to import Apache logs into MySQL. The Executive Director loves MySQL. First I installed the Apache log_sql_mysql modules which did create a single MySQL mostly empty table of the access log with no control or customization and many other issues. Next I researched available Apache logging solutions including GoAccess, Logstach, Apache Viewer, DataDog and others as well as CrowdStrike and Soloarwinds Loggly. I also reviewed several simple log file parsers but none normalized the parsed log data into a MySQL database. After all my investigating I decided to write a simple solution which snowballed into this complete solution.
 
 That's how volunteering, lack of a viable MySQL solution and a flexible schedule came together just right to allow me to dive deep into this project.
 

.github/README.md

@@ -3,8 +3,6 @@ ApacheLogs2MySQL consists of two Python Modules & one MySQL Schema to automate i
 
 Runs on Windows, Linux and MacOS & tested with MySQL versions 8.0.39, 8.4.3, 9.0.0 & 9.1.0.
 
-Version 2.0.0 fixes issues encountered running 4 weeks on 7 VPS with 2 to 6 VirtualHosts on each VPS. Each VPS is running `watch4logs.py` in PM2 connecting to one MySQL server `apache_logs` schema. Application currently consolidates Access and Error logs from 32 domains.
-
 Imports Access Logs in Apache LogFormats - ***common***, ***combined*** and ***vhost_combined*** & additional ***csv2mysql*** LogFormat defined below. 
 
 Imports Error Logs in Apache ***default*** ErrorLogFormat & ***additional*** ErrorLogFormat defined below performing data harmonization on Apache Codes & Messages, System Codes & Messages, and Log Messages to create a unified, standardized dataset. Error Log view images below.
@@ -73,10 +71,10 @@ LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" v
 |%v|The canonical ServerName of the server serving the request.|
 |%p|The canonical port of the server serving the request.|
 
-Application is designed to use the ***csv2mysql*** LogFormat. LogFormat has comma-separated values and adds 7 Format Strings. A complete list of Format Strings
+Application is designed to use the ***csv2mysql*** LogFormat. LogFormat has comma-separated values and adds 8 Format Strings. A complete list of Format Strings
 with descriptions indicating added Format Strings below.
 ```
-LogFormat "%v,%p,%h,%l,%u,%t,%I,%O,%S,%B,%{ms}T,%D,%^FB,%>s,\"%H\",\"%m\",\"%U\",\"%q\",\"%{Referer}i\",\"%{User-Agent}i\",\"%{farmwork.app}C\"" csv2mysql
+LogFormat "%v,%p,%h,%l,%u,%t,%I,%O,%S,%B,%{ms}T,%D,%^FB,%>s,\"%H\",\"%m\",\"%U\",\"%q\",\"%{Referer}i\",\"%{User-Agent}i\",\"%{farmwork.app}C\",%L" csv2mysql
 ```
 |Format String|Description|
 |-------------|-----------|
@@ -101,6 +99,7 @@ LogFormat "%v,%p,%h,%l,%u,%t,%I,%O,%S,%B,%{ms}T,%D,%^FB,%>s,\"%H\",\"%m\",\"%U\"
 |%{Referer}i|The "Referer" (sic) HTTP request header. This gives the site that the client reports having been referred from.|
 |%{User-Agent}i|The User-Agent HTTP request header. This is the identifying information that the client browser reports about itself.|
 |%{VARNAME}C|ADDED - The contents of cookie VARNAME in request sent to server. Only version 0 cookies are fully supported. Format String is optional.|
+|%L|ADDED - The request log ID from the error log (or '-' if nothing has been logged to the error log for this request). Look for the matching error log line to see what request| caused what error.
 ## Two supported Error Log Formats
 Application processes Error Logs with ***default format*** for threaded MPMs (Multi-Processing Modules). If you're running Apache 2.4 on any platform and ErrorLogFormat is not defined in config files this is the Error Log format.
 |Format String|Description|
@@ -118,14 +117,19 @@ Application processes Error Logs with ***default format*** for threaded MPMs (Mu
 ```
 ErrorLogFormat "[%{u}t] [%-m:%l] [pid %P:tid %T] %7F: %E: [client\ %a] %M% ,\ referer\ %{Referer}i"
 ```
-Application also processes Error Logs with this ***additional format*** which adds `%v - The canonical ServerName`. Easiest way to identify error logs for each domain is add `%v` to ErrorLogFormat.
+Application also processes Error Logs with ***additional format*** which adds:
+ 1) `%v - The canonical ServerName` - This is easiest way to identify error logs for each domain is add `%v` to ErrorLogFormat. 
+ 2) `%L - Log ID of the request` - This is easiest way to associate Access record that created an Error record. Apache mod_unique_id.generate_log_id() only called when error occurs and will not cause performance degradation under error-free operations. 
 
-To use this format place the `ErrorLogFormat` before `ErrorLog` in `apache2.conf` to set error log format for Server and ALL VitualHosts on Server.
-|Format String|Description - The spaces on each side of comma are required.|
+To use this format place `ErrorLogFormat` before `ErrorLog` in `apache2.conf` to set error log format for ***Server*** and ***VitualHosts*** on Server.
+|Format String|Description - `Space` required on left-side of `Commas` to parse data properly|
 |-------------|-----------|
 |%v|The canonical ServerName of the server serving the request.|
+|%L|Log ID of the request. A %L format string is also available in `mod_log_config` to allow to correlate access log entries with error log lines. If `mod_unique_id` is loaded, its unique id will be used as log ID for requests.|
+
+***Important:*** `Space` required on left-side of `Commas` as defined below:
 ```
-ErrorLogFormat "[%{u}t] [%-m:%l] [pid %P:tid %T] %7F: %E: [client\ %a] %M% ,\ referer\ %{Referer}i , %v"
+ErrorLogFormat "[%{u}t] [%-m:%l] [pid %P:tid %T] %7F: %E: [client\ %a] %M% ,\ referer\ %{Referer}i ,%v ,%L"
 ```
 ## Two options to attach ServerName & ServerPort to Access & Error logs
 
@@ -151,6 +155,7 @@ Log file naming conventions enable the use of UPDATE statements:
 ```
 UPDATE apache_logs.import_file SET server_name='farmfreshsoftware.com', server_port=443 WHERE server_name IS NULL AND name LIKE '%farmfreshsoftware%';
 UPDATE apache_logs.import_file SET server_name='farmwork.app', server_port=443 WHERE server_name IS NULL AND name LIKE '%farmwork%';
+UPDATE apache_logs.import_file SET server_name='ip255-255-255-255.us-east.com', server_port=443 WHERE server_name IS NULL AND name LIKE '%error%';
 ```
 First option requires uncommenting `os.getenv` to load variables at top of `apacheLogs2MySQL.py`. By default, variables are defined and set to an empty string. Below is a screenshot of the variables loaded at top of `apacheLogs2MySQL.py` with commented `os.getenv` code.
 ![load_settings_variables.png](./assets/load_settings_variables.png)
@@ -241,7 +246,7 @@ The second parameter enables Python Client modules to run simultaneously on mult
 Database normalization is the process of organizing data in a relational database to improve data integrity and reduce redundancy. 
 Normalization ensures that data is organized in a way that makes sense for the data model and attributes, and that the database functions efficiently.
 
-MySQL `apache_logs` schema has 46 tables, 772 columns, 128 indexes, 56 views, 7 stored procedures and 41 functions to process Apache Access log in 4 formats 
+MySQL `apache_logs` schema has 47 tables, 779 columns, 125 indexes, 56 views, 7 stored procedures and 42 functions to process Apache Access log in 4 formats 
 & Apache Error log in 2 formats. Database normalization at work!
 ## MySQL Access Log View by URI
 MySQL View - apache_logs.access_requri_list - data from LogFormat: combined & csv2mysql

.github/SUPPORT.md

@@ -2,7 +2,7 @@
 
 ### Please include Apache Logformat or ErrorLogFormat if a missing or malformed data issue.
 
-### My office hours are 'almost always' unless I am doing farm chores, attending my kid's sporting events or sleeping. I rarely leave the farm so if I do not reply within 24 hours I am working on a project outside. If I do not reply within 48 hours something bad might have occurred.
+### My office hours are 'almost always' unless I am doing farm chores, attending my kid's sporting events or sleeping. Rarely do I leave the farm so if I do not reply within 24 hours I am working on a project outside. If I do not reply within 48 hours something bad might have happened.
 
 ### I am designer, developer and support staff with vast knowledge of Apache, MySQL and Python capable of fixing any issue with application.
 

.gitignore

@@ -6,118 +6,19 @@ __pycache__/
 # Distribution / packaging
 .Python
 build/
-develop-eggs/
 dist/
-downloads/
-eggs/
-.eggs/
-lib/
-lib64/
-parts/
-sdist/
 var/
-wheels/
-share/python-wheels/
-*.egg-info/
-.installed.cfg
-*.egg
-MANIFEST
-
-# PyInstaller
-#  Usually these files are written by a python script from a template
-#  before PyInstaller builds the exe, so as to inject date/other infos into it.
-*.manifest
-*.spec
 
 # Installer logs
 pip-log.txt
-pip-delete-this-directory.txt
 
 # Unit test / coverage reports
-htmlcov/
-.tox/
-.nox/
-.coverage
-.coverage.*
 .cache
-nosetests.xml
 coverage.xml
 *.cover
-*.py,cover
-.hypothesis/
 .pytest_cache/
 cover/
 
-# Translations
-*.mo
-*.pot
-
-# Django stuff:
-*.log
-local_settings.py
-db.sqlite3
-db.sqlite3-journal
-
-# Flask stuff:
-instance/
-.webassets-cache
-
-# Scrapy stuff:
-.scrapy
-
-# Sphinx documentation
-docs/_build/
-
-# PyBuilder
-.pybuilder/
-target/
-
-# Jupyter Notebook
-.ipynb_checkpoints
-
-# IPython
-profile_default/
-ipython_config.py
-
-# pyenv
-#   For a library or package, you might want to ignore these files since the code is
-#   intended to run in multiple environments; otherwise, check them in:
-# .python-version
-
-# pipenv
-#   According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
-#   However, in case of collaboration, if having platform-specific dependencies or dependencies
-#   having no cross-platform support, pipenv may install dependencies that don't work, or not
-#   install all needed dependencies.
-#Pipfile.lock
-
-# poetry
-#   Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control.
-#   This is especially recommended for binary packages to ensure reproducibility, and is more
-#   commonly ignored for libraries.
-#   https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control
-#poetry.lock
-
-# pdm
-#   Similar to Pipfile.lock, it is generally recommended to include pdm.lock in version control.
-#pdm.lock
-#   pdm stores project-wide configurations in .pdm.toml, but it is recommended to not include it
-#   in version control.
-#   https://pdm.fming.dev/latest/usage/project/#working-with-version-control
-.pdm.toml
-.pdm-python
-.pdm-build/
-
-# PEP 582; used by e.g. github.com/David-OConnor/pyflow and github.com/pdm-project/pdm
-__pypackages__/
-
-# Celery stuff
-celerybeat-schedule
-celerybeat.pid
-
-# SageMath parsed files
-*.sage.py
-
 # Environments
 .env
 .venv
@@ -126,34 +27,3 @@ venv/
 ENV/
 env.bak/
 venv.bak/
-
-# Spyder project settings
-.spyderproject
-.spyproject
-
-# Rope project settings
-.ropeproject
-
-# mkdocs documentation
-/site
-
-# mypy
-.mypy_cache/
-.dmypy.json
-dmypy.json
-
-# Pyre type checker
-.pyre/
-
-# pytype static type analyzer
-.pytype/
-
-# Cython debug symbols
-cython_debug/
-
-# PyCharm
-#  JetBrains specific template is maintained in a separate JetBrains.gitignore that can
-#  be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore
-#  and can be added to the global gitignore or merged into this file.  For a more nuclear
-#  option (not recommended) you can uncomment the following to ignore the entire idea folder.
-#.idea/

apacheLogs2MySQL.py

@@ -1,8 +1,3 @@
-# coding: utf-8
-# version 2.0.0 - 11/30/2024 - Comprehensive Update
-#
-# Copyright 2024 Will Raymond <[email protected]>
-#
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -15,12 +10,16 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
-# CHANGELOG.md in GitHub repository - https://github.com/WillTheFarmer/ApacheLogs2MySQL
+# version 2.1.0 - 12/09/2024 - add request_log_id to error & access formats
+#
+# Copyright 2024 Will Raymond <[email protected]>
+#
+# CHANGELOG.md in repository - https://github.com/WillTheFarmer/ApacheLogs2MySQL
 """
 :module: apacheLogs2MySQL
 :function: processLogs()
 :synopsis: processes apache access and error logs into MySQL for apachelogs2MySQL application.
-:author: [email protected] (Will Raymond)
+:author: Will Raymond <[email protected]>
 """
 import os
 import platform
@@ -567,22 +566,34 @@ def processLogs():
             if useragent_log >= 2:
                 print('Parsing record ' + str(recID) + ' - ' + str(ua) )
             # Accessing user agent's browser attributes
-            # br = str(ua.browser)  # returns Browser(family=u'Mobile Safari', version=(5, 1), version_string='5.1')
+            strua = str(ua)
+            strua = strua.replace('"', ' in.') # must replace " in string for error occurs
+            br = str(ua.browser)  # returns Browser(family=u'Mobile Safari', version=(5, 1), version_string='5.1')
+            br = br.replace('"', ' in.') # must replace " in string for error occurs
             br_family = str(ua.browser.family)  # returns 'Mobile Safari'
+            br_family = br_family.replace('"', ' in.') # must replace " in string for error occurs
             #ua.browser.version  # returns (5, 1)
             br_version = ua.browser.version_string   # returns '5.1'
+            br_version = br_version.replace('"', ' in.') # must replace " in string for error occurs
             # Accessing user agent's operating system properties
             os = str(ua.os)  # returns OperatingSystem(family=u'iOS', version=(5, 1), version_string='5.1')
+            os = os.replace('"', ' in.') # must replace " in string for error occurs
             os_family = str(ua.os.family)  # returns 'iOS'
+            os_family = os_family.replace('"', ' in.') # must replace " in string for error occurs
             #ua.os.version  # returns (5, 1)
             os_version = ua.os.version_string  # returns '5.1'
+            os_version = os_version.replace('"', ' in.') # must replace " in string for error occurs
             # Accessing user agent's device properties
             dv = str(ua.device)  # returns Device(family=u'iPhone', brand=u'Apple', model=u'iPhone')
+            dv = dv.replace('"', ' in.') # must replace " in string for error occurs
             dv_family = str(ua.device.family)  # returns 'iPhone'
+            dv_family = dv_family.replace('"', ' in.') # must replace " in string for error occurs
             dv_brand = str(ua.device.brand) # returns 'Apple'
+            dv_brand = dv_brand.replace('"', ' in.') # must replace " in string for error occurs
             dv_model = str(ua.device.model) # returns 'iPhone'
-            updateSql = ('UPDATE access_log_useragent SET ua="'+str(ua) + 
-                         '", ua_browser="' + br_family + 
+            dv_model = dv_model.replace('"', ' in.') # must replace " in string for error occurs
+            updateSql = ('UPDATE access_log_useragent SET ua="'+ strua + 
+                         '", ua_browser="' + br + 
                          '", ua_browser_family="' + br_family + 
                          '", ua_browser_version="' + br_version + 
                          '", ua_os="' + os +