wordpress logs

Last Updated: Jun 15, 2017

Default WordPress log format

Raw sample log:

  1. 172.64.0.2 - - [07/Jan/2016:21:06:39 +0800] "GET /wp-admin/js/password-strength-meter.min.js?ver=4.4 HTTP/1.0" 200 776 "http://wordpress.c4a1a0aecdb1943169555231dcc4adfb7.cn-hangzhou.alicontainer.com/wp-admin/install.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.106 Safari/537.36"

Matching of the beginning of a line in multiline log (the beginning of a line is expressed by IP information):

  1. \d+\.\d+\.\d+\.\d+\s-\s.*

Regular expression used to extract log information:

  1. (\S+) - - \[([^\]]*)] "(\S+) ([^"]+)" (\S+) (\S+) "([^"]+)" "([^"]+)"

Time conversion format:

  1. %d/%b/%Y:%H:%M:%S

Sample log extraction results:

Key Value
ip 127.64.0.2
time 07/Jan/2016:21:06:39 +0800
method GET
url /wp-admin/js/password-strength-meter.min.js?ver=4.4 HTTP/1.0
status 200
length 776
ref http://wordpress.c4a1a0aecdb1943169555231dcc4adfb7.cn-hangzhou.alicontainer.com/wp-admin/install.php
user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.106 Safari/537.36
Thank you! We've received your feedback.