It can be even more simplified:
- Just use
SetEnvIf
from module mod_setenvif to create an environment variable based on the Remote_Addr
.
- Use a regular expression to determine the part you want to mask.
Finally reference the variable (e.g. MASKED_IP_ADDR
) in your LogFormat statement like so:
SetEnvIf Remote_Addr "((?:\d{1,3}\.){3})\d{1,3}" MASKED_IP_ADDR=$1XXX
LogFormat "%{MASKED_IP_ADDR}e %l %u %t" combined-syslog2
Of course, you could also go for a correct IP address regular expression:
^((?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3})(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$
This one captures the first three octets so that the last one can be substituted by 'XXX'
.