Reading Apache server-status output

mhouts001 · ‎07-25-2011

Has anyone tried to have splunk parse the output of the machine readable apache server-status page, e.g http://$apachehost/server-status?auto

I need to keep track of the status of workers, whether they are waiting, logging, etc.

Thanks

ThomasKoeberlei · ‎10-20-2016

Hi,

needed to change the line;

 $body=~ m/<dt>([^\s]+) requests\/sec - ([^\s]+) (k*B)\/second - ([^\s]+) (k*B)\/request<\/dt>/;

to:

 $body=~ m/<dt>([^\s]+) requests\/sec - ([^\s]+) (k*B)\/second - ([^\s]+) ([k,M]*B)\/request<\/dt>/;

regards,
-thomas

LK · ‎08-02-2011

Hi,

I fixed a few typos and extended the script to work on lower-traffic servers and to provide CPU usage:

#!/usr/bin/perl

###
#Simple script to parse Apache Server statistics for Splunk
###

use LWP::UserAgent;

@apache_urls=("http://server1/server-status","http://server2/server-status");

foreach $url (@apache_urls) {
        my $ua = new LWP::UserAgent;
        $ua->agent('Splunk Apache Statistics Script');
        my $request = HTTP::Request->new('GET');
        $request->url($url);
        my $response = $ua->request($request);
        my $body = $response->content;

        ### Extract stats
        $body=~ m/Apache Server Status for ([^>]+)<\/h1>/;
        $server_name=$1;
        $body=~ m/Current Time: [^,]+, ([^<]+)<\/dt>/;
        $timestamp=$1;
        $body=~ m/<dt>([^\s]+) requests\/sec - ([^\s]+) (k*B)\/second - ([^\s]+) (k*B)\/request<\/dt>/;
        $request_stats="requests_per_second=$1,$3_per_second=$2,$5_per_request=$4";
        $body=~ m/<dt>([^\s]+) requests currently being processed, ([^\s]+) idle workers<\/dt>/;
        $processing_stats="requests_currently_being_processed=$1,idle_workers=$2";
        $body=~ m/<dt>CPU Usage: u([^\s]+) s([^\s]+) cu.* cs.* - ([^\s]+%) CPU load<\/dt>/;
        $cpu_stats="user_cpu=$1,system_cpu=$2,cpu_load=$3";
        print "$timestamp,ServerName=$server_name,$request_stats,$processing_stats,$cpu_stats \n";
}

LK · ‎08-02-2011

Not sure why all the backslashes doubled themselves. Please be sure to correct that before using the script.

Brian_Osburn · ‎07-25-2011

I use a scripted input - I wrote a perl script to make a call to the Apache servers to pull stats..

I'll include the code below to get you started:

#!/usr/bin/perl

###
#Simple script to parse Apache Server statistics for Splunk
###

use LWP::UserAgent;

@apache_urls=("http://server1/server-status","http://server2/server-status","http://server3/server-status","http://server4/server-status");

foreach $url (@apache_urls) {
        my $ua = new LWP::UserAgent;
        $ua->agent('Splunk Apache Statistics Script');
        my $request = HTTP::Request->new('GET');
        $request->url($url);
        my $response = $ua->request($request);
        my $body = $response->content;

        ### Extract stats
        $body=~ m/Apache Server Status for ([^>]+)<\/h1>/;
        $server_name=$1;
        $body=~ m/Current Time: [^,]+, ([^<]+)<\/dt>/;
        $timestamp=$1;
        $body=~ m/<dt>([^\s]+) requests\/sec - ([^\s]+) kB\/second - ([^\s]+) kB\/request<\/dt>/;
        $request_stats="requests_per_second=$1,kB_per_second=$2,kB_per_request=$3";
        $body=~ m/<dt> ([^\s]+) requests currently being processed, ([^\s]+) idle workers<\/dt>/;
        $processing_stats="requests_currently_being_processed=$1,idle_workers=$2";
        print "$timestamp,ServerName=$server_name,$request_stats,$processing_stats \n";
}

Brian_Osburn · ‎07-26-2011

Please accept the answer if it solves your issue.

Thanks!

mhouts001 · ‎07-25-2011

Outstanding, thank you. Figured this was the direction to take if there was no direct read of the status page.

Reading Apache server-status output

Introducing Splunk Enterprise 9.2

Adoption of RUM and APM at Splunk

Routing logs with Splunk OTel Collector for Kubernetes