My relatively small lab system was generating ~10GB of httpd logging on a daily basis. Even with logrotate and compression, the activity level was just ludicrous. I don't remember this from earlier versions. I don't see any obvious errors in the log that explain this over-zealous behavior. I didn't want to suppress the logs completely, and the LogLevel is already on warn. I decided in the end to remote log to my central syslog server which stores the logs on an NFS mount from a FreeNAS (ZFS with compression) NAS. The compression will keep the actual disk space down, and since I am not all that worried about losing some logs, I went with sync=off and udp on the transit. Here are the changes I made to /etc/httpd/conf.d/ssl.conf in case someone else finds them useful. 48,49c48,51 < ErrorLog logs/ssl_error_log < TransferLog logs/ssl_access_log --- 203,206c205,212 < CustomLog logs/ssl_request_log \ < "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" < < CustomLog logs/ovirt-requests-log "%t %h \"Correlation-Id: %{Correlation-Id}o\" \"Duration: %Dus\" \"%r\" %b" "expr=%{QUERY_STRING} !~ /username.*password|password.*username/" --- then blocked local logging to messages with local1.none in rsyslog.conf.