Bindplane is excited to join Dynatrace!Learn more
Back to Blueprints

Process Apache Common Logs for Elasticsearch

Optimizes Apache HTTP Server access logs (Common Log Format) for Elasticsearch ingestion via OTLP. Parses CLF fields, filters health check and static asset requests, maps HTTP status codes to OTLP severity levels, masks sensitive data, removes high-cardinality fields, samples successful responses, and deduplicates error bursts.

Included Processors

1

Parse Apache Common Log Format

Parses Apache Common Log Format extracting remote host, user, timestamp, method, path, status code, and response bytes.

2

Parse Apache Timestamp

Parses the Apache timestamp into the log record time field.

3

Filter Health Checks

Drops health check and monitoring endpoint requests.

4

Filter Static Asset Requests

Drops requests for static assets (CSS, JS, images, fonts).

5

Map HTTP Status to Severity

Maps HTTP status codes to OTLP severity levels for Elasticsearch severity-based filtering and alerting.

6

Mask Sensitive Data

Redacts sensitive data from request paths and user fields.

7

Remove High-Cardinality Fields

Removes ident and high-cardinality client fields.

8

Add ECS-Compatible Fields

Adds Elastic Common Schema fields for Apache access log data, enabling compatibility with built-in Kibana web server dashboards.

9

Sample Success Responses

Samples 50% of successful HTTP 2xx response logs to reduce volume.

10

Deduplicate Error Responses

Deduplicates repeated HTTP error logs within a 30-second window.

11

Batch Telemetry

Batches Apache logs for efficient Elasticsearch bulk indexing.

12

Delete Empty Fields

Removes null and empty values to reduce storage overhead.

Related Blueprints