Log Management Guide
---
- Log Management Guide
This guide details best practices for configuring and managing logs on a MediaWiki 1.40 server. Effective log management is crucial for troubleshooting, security auditing, and performance monitoring. This article is designed for system administrators and those responsible for maintaining the health of a MediaWiki installation.
Understanding MediaWiki Logs
MediaWiki generates several types of logs that record important events. These logs provide valuable insights into system activity and potential issues. Key logs include:
- Access Log: Records all requests made to the web server (Apache or Nginx).
- Error Log: Records errors encountered by the web server and PHP.
- MediaWiki Watchlist Log: Tracks changes to pages on users' watchlists.
- MediaWiki Revision Log: Records every revision made to a page.
- MediaWiki Abuse Log: Logs actions flagged as potentially abusive.
- MediaWiki Block Log: Documents user blocks and unblocks.
Properly configuring these logs is the first step in effective log management.
Web Server Log Configuration (Apache)
If you are using Apache as your web server, configuration is typically done through virtual host files. Here's a sample configuration snippet:
<VirtualHost *:80>
ServerName yourmediawiki.example.com
DocumentRoot /var/www/html/mediawiki
ErrorLog ${APACHE_LOG_DIR}/mediawiki_error.log
CustomLog ${APACHE_LOG_DIR}/mediawiki_access.log combined
</VirtualHost>
The `ErrorLog` directive specifies the location of the error log, and `CustomLog` defines the access log and its format. The `combined` format is a standard Apache log format. Restart Apache after making changes. See Apache HTTP Server for more information.
Here’s a table summarizing common Apache log format directives:
| Directive | Description |
|---|---|
| `ErrorLog` | Specifies the file to which errors are logged. |
| `CustomLog` | Defines the access log file and format. |
| `LogFormat` | Allows you to define custom log formats. |
| `TransferLog` | Alias for `CustomLog` with a specific format. |
Web Server Log Configuration (Nginx)
For Nginx, log configuration is done in the server block of the configuration file. An example:
server {
listen 80;
server_name yourmediawiki.example.com;
root /var/www/html/mediawiki;
error_log /var/log/nginx/mediawiki_error.log;
access_log /var/log/nginx/mediawiki_access.log combined;
}
Similar to Apache, `error_log` specifies the error log location, and `access_log` defines the access log and format. Restart Nginx after changes. Consult the Nginx documentation for more details.
The following table outlines common Nginx log directives:
| Directive | Description |
|---|---|
| `error_log` | Specifies the file to which errors are logged. |
| `access_log` | Defines the access log file and format. |
| `log_format` | Allows you to define custom log formats. |
| `combined` | A predefined log format including common information. |
MediaWiki Log Configuration
MediaWiki’s internal logs are configured through the `LocalSettings.php` file. The `$wgLogPaths` array defines where various MediaWiki logs are stored.
$wgLogPaths = [
'watch' => '/var/log/mediawiki/watch.log',
'abuse' => '/var/log/mediawiki/abuse.log',
'block' => '/var/log/mediawiki/block.log',
'revision' => '/var/log/mediawiki/revision.log',
];
Ensure the web server user has write permissions to these log directories. See Configuring LocalSettings.php for more information. Proper permissions are critical for security.
Here's a table summarizing key MediaWiki log types and their purpose:
| Log Type | Description | Location (example) |
|---|---|---|
| Watchlist | Tracks changes to watched pages. | `/var/log/mediawiki/watch.log` |
| Abuse | Records potentially abusive actions. | `/var/log/mediawiki/abuse.log` |
| Block | Logs user blocks and unblocks. | `/var/log/mediawiki/block.log` |
| Revision | Records page revisions. | `/var/log/mediawiki/revision.log` |
Log Rotation
Log files can grow rapidly, consuming disk space. Log rotation is essential to prevent this. Tools like `logrotate` are commonly used for this purpose.
A sample `logrotate` configuration for MediaWiki logs:
/var/log/mediawiki/*.log {
daily
rotate 7
missingok
notifempty
delaycompress
compress
postrotate
/bin/systemctl reload apache2 > /dev/null 2>&1 || true
endscript
}
This configuration rotates logs daily, keeps 7 days of logs, and compresses older logs. The `postrotate` script restarts Apache to ensure new logs are opened. Refer to Logrotate documentation for advanced configuration options.
Log Analysis Tools
Once logs are being generated and rotated, you’ll need tools to analyze them. Several options are available:
- grep: A basic command-line tool for searching logs. See Using grep for more information.
- awk: A powerful scripting language for processing text files.
- Elasticsearch/Logstash/Kibana (ELK Stack): A popular open-source stack for centralized log management and analysis. ELK Stack setup provides a detailed guide.
- Splunk: A commercial log management and analysis platform.
Security Considerations
- Protect log files from unauthorized access. Restrict permissions to the web server user and administrators.
- Regularly review logs for suspicious activity.
- Consider using a Security Information and Event Management (SIEM) system for automated log analysis and threat detection.
- Never store sensitive information (passwords, API keys) in log files.
Further Resources
- MediaWiki Manual – Configuration
- Server Security Guide
- Troubleshooting Common Errors
- Performance Monitoring
- Backup and Recovery
Intel-Based Server Configurations
| Configuration | Specifications | Benchmark |
|---|---|---|
| Core i7-6700K/7700 Server | 64 GB DDR4, NVMe SSD 2 x 512 GB | CPU Benchmark: 8046 |
| Core i7-8700 Server | 64 GB DDR4, NVMe SSD 2x1 TB | CPU Benchmark: 13124 |
| Core i9-9900K Server | 128 GB DDR4, NVMe SSD 2 x 1 TB | CPU Benchmark: 49969 |
| Core i9-13900 Server (64GB) | 64 GB RAM, 2x2 TB NVMe SSD | |
| Core i9-13900 Server (128GB) | 128 GB RAM, 2x2 TB NVMe SSD | |
| Core i5-13500 Server (64GB) | 64 GB RAM, 2x500 GB NVMe SSD | |
| Core i5-13500 Server (128GB) | 128 GB RAM, 2x500 GB NVMe SSD | |
| Core i5-13500 Workstation | 64 GB DDR5 RAM, 2 NVMe SSD, NVIDIA RTX 4000 |
AMD-Based Server Configurations
| Configuration | Specifications | Benchmark |
|---|---|---|
| Ryzen 5 3600 Server | 64 GB RAM, 2x480 GB NVMe | CPU Benchmark: 17849 |
| Ryzen 7 7700 Server | 64 GB DDR5 RAM, 2x1 TB NVMe | CPU Benchmark: 35224 |
| Ryzen 9 5950X Server | 128 GB RAM, 2x4 TB NVMe | CPU Benchmark: 46045 |
| Ryzen 9 7950X Server | 128 GB DDR5 ECC, 2x2 TB NVMe | CPU Benchmark: 63561 |
| EPYC 7502P Server (128GB/1TB) | 128 GB RAM, 1 TB NVMe | CPU Benchmark: 48021 |
| EPYC 7502P Server (128GB/2TB) | 128 GB RAM, 2 TB NVMe | CPU Benchmark: 48021 |
| EPYC 7502P Server (128GB/4TB) | 128 GB RAM, 2x2 TB NVMe | CPU Benchmark: 48021 |
| EPYC 7502P Server (256GB/1TB) | 256 GB RAM, 1 TB NVMe | CPU Benchmark: 48021 |
| EPYC 7502P Server (256GB/4TB) | 256 GB RAM, 2x2 TB NVMe | CPU Benchmark: 48021 |
| EPYC 9454P Server | 256 GB RAM, 2x2 TB NVMe |
Order Your Dedicated Server
Configure and order your ideal server configuration
Need Assistance?
- Telegram: @powervps Servers at a discounted price
⚠️ *Note: All benchmark scores are approximate and may vary based on configuration. Server availability subject to stock.* ⚠️