Overview
This article covers how to configure Apache Tomcat to log the HTTP fields necessary for applications handling university data. The guidelines documented here meet the IT Standards for Data Classifications.
For configurations not behind a load balancer, the X-Forwarded-For header may be omitted.
Configuration
Tomcat stores global HTTP logging configuration in %tomcat_home%/server/conf.xml. Open this file in your favorite text editor. Look for the AccessLogValve element. By default it should look like:
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="localhost_access_log" suffix=".txt"
pattern="%a %l %u %t "%r" %s %b" />
Change the "pattern" attribute to: %a %l %u %t "%r" %s %b %{Referer}i %{User-Agent}i %{X-Forwarded-For}i %{remote}p. This logs the X-Forwarded-For header value as the second item in the log line, logs the remote client port as the third item, and appends the Referer and User-Agent HTTP header values to the end of the log line.
The final AccessLogValve should look like:
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="localhost_access_log" suffix=".txt"
pattern="%a %l %u %t "%r" %s %b %{Referer}i %{User-Agent}i %{X-Forwarded-For}i %{remote}p" />
Save and exit the file when done editing. Restart Tomcat to apply the configuration change.
Apache's Tomcat log documentation can be found at https://tomcat.apache.org/tomcat-9.0-doc/config/valve.html#Access_Log_Valve