Apache Logs

Overview

Evidence: Apache Logs Description: Collect Apache Logs Category: Applications Platform: aix Short Name: apcl Is Parsed: No Sent to Investigation Hub: Yes Collect File(s): Yes

Background

Apache HTTP Server logs on macOS record web server access, errors, and activities. These logs are found in various locations depending on installation method (system, Homebrew Intel, Homebrew Apple Silicon).

Data Collected

This collector gathers structured data about apache logs.

Collection Method

This collector gathers Apache/httpd logs from multiple possible locations including system directories (/var/log/apache2), Homebrew installations (/usr/local, /opt/homebrew), and user-specific Homebrew logs.

Forensic Value

Apache logs are critical for investigating web application attacks, unauthorized access attempts, data exfiltration, web shell activities, and understanding web server compromise. Access logs reveal attacker IP addresses, request patterns, and attack vectors.