[SOLVED] apache httpd log : filter out lines containing a string

Issue

I'm trying to get TLS < 1.2 requests from a custom httpd log file, the config is:

SetEnvIf SSL_PROTOCOL "TLSv1.2" dontlog
CustomLog logs/TLSv_TSV \
"%h\t\
%{SSL_PROTOCOL}x\t\
%{SSL_CIPHER}x\t\
%{User-Agent}i\t\
%r" env=!dontlog

but "TLSv1.2" entries are still logged.

What am I doing wrong?

Solution

Afaik setEnvIf only has access to a handful of variables.

Try with the expression engine instead:

SetEnvIfExpr "%{SSL_PROTOCOL} == 'TLSv1.2'" dontlog

Answered By - ezra-s

Answer Checked By - Marilyn (WPSolving Volunteer)