How to Configure Monolog to Exclude 404 Errors from the Log

Warning: You are browsing the documentation for Symfony 3.x, which is no longer maintained.

Read the updated version of this page for Symfony 7.1 (the current stable version).

Sometimes your logs become flooded with unwanted 404 HTTP errors, for example, when an attacker scans your app for some well-known application paths (e.g. `/phpmyadmin`). When using a fingers_crossed handler, you can exclude logging these 404 errors based on a regular expression in the MonologBundle configuration:

        1
2
3
4
5
6
7
8
9
        # app/config/config.yml
monolog:
    handlers:
        main:
            # ...
            type: fingers_crossed
            handler: ...
            excluded_404s:
                - ^/phpmyadmin
    

        1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
        <!-- app/config/config.xml -->
<container xmlns="http://symfony.com/schema/dic/services"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:monolog="http://symfony.com/schema/dic/monolog"
    xsi:schemaLocation="http://symfony.com/schema/dic/services
        https://symfony.com/schema/dic/services/services-1.0.xsd
        http://symfony.com/schema/dic/monolog
        https://symfony.com/schema/dic/monolog/monolog-1.0.xsd">

    <monolog:config>
        <monolog:handler type="fingers_crossed" name="main" handler="...">
            <!-- ... -->
            <monolog:excluded-404>^/phpmyadmin</monolog:excluded-404>
        </monolog:handler>
    </monolog:config>
</container>
    

        1
2
3
4
5
6
7
8
9
10
11
12
13
        // app/config/config.php
$container->loadFromExtension('monolog', [
    'handlers' => [
        'main' => [
            // ...
            'type'          => 'fingers_crossed',
            'handler'       => ...,
            'excluded_404s' => [
                '^/phpmyadmin',
            ],
        ],
    ],
]);
    

Caution

Combining excluded_404s with a passthru_level lower than error (i.e. debug, info, notice or warning) will not actually exclude log messages for the URL(s) listed in excluded_404s because they are logged with level of error or higher and passthru_level takes precedence over the URLs being listed in excluded_404s.

This work, including the code samples, is licensed under a Creative Commons BY-SA 3.0 license.

TOC

Version