I am trying to clean out some of the log clutter from my machines and am starting by removing requests that are generated from the server themselves. I have cache warmers running around the clock and I don't want these polluting the logs.
I was able to get apache to stop logging local requests by adding a dontlog for the local IP:
SetEnvIf Remote_Addr "RE\.DA\.CT\.ED" dontlog
CustomLog "|logger -p local3.info -t http" combined env=!dontlog
and now I am looking for something similar to put in a configuration for the Haproxy log. How can I prevent 127.0.0.1 requests from writing to the Haproxy log?
UPDATE: 2/15/11
I use the excellent loggly service to pull out logs in the cloud, but I am seeing tons of logs like this:
2011 Feb 15 06:09:42.000 [REDACTED] http: RE.DA.CT.ED - - [15/Feb/2011:06:09:42 -0500] "HEAD /search/Nevad/predictive/txt HTTP/1.0" 200 - "-" "Wget/1.10.2 (Red Hat modified)"
2011 Feb 15 06:09:42.000 127.0.0.1 haproxy[10390]: 127.0.0.1:58408 [15/Feb/2011:06:09:42] www i-5dd7a331.0 0/0/0/8/8 200 210 - - --NI 0/0/0 0/0 "HEAD /search/Nevad/predictive/txt HTTP/1.1"
and I want them gone. This question focuses on how to remove that haproxy log line from writing to the server side log in the first place.
Right now it's not possible to disable logs based on ACLs (though it's in the roadmap). In the mean time, you should understand that logs are defined by the frontend. Thus, you could have two frontends, one public and one private which make use of the same backend. The private frontend would not log while the public one would.
In general it's not adviced to disable logging, it makes detecting bugs much longer. You could alternatively use "option dontlog-normal" to only log unexpected events (timeouts, errors, etc...). That sensibly reduces the amount of logs and you still keep traces of events you should care about.
The HAProxy docs talk about filtering a bit in section 8.3.1. It says disabling logging of external tests can be done with the 'monitor-net' declarative. Not sure if this affects traffic though - the docs seem to indicate it does, so be careful with it.
You may also want to create an ACL list for your internal addresses and then turn off logging for those matches. I'm no HAProxy guru though, so I'll leave the suggested configuration of something like this to others!