Is it possible to exclude specified GET parameters in apache access logs?

I've found one way to solve the problem. If I pipe the log output to sed, I can perform a regex replace on the output before I append it to the log file.

Example 1

CustomLog "|/bin/sed -E s/'param=[^& \t\n]*'/'param=\[FILTERED\]'/g >> /your/path/access.log" combined

Example 2

It's also possible to exclude several parameters:

exclude.sh

#!/bin/bash
while read x ; do
    result=$x
    for ARG in "$@"
    do
        cleanArg=`echo $ARG | sed -E 's|([^0-9a-zA-Z_])|\\\\\1|g'`
        result=`echo $result | sed -E s/$cleanArg'=[^& \t\n]*'/$cleanArg'=\[FILTERED\]'/g`
    done
    echo $result
done

Move the script above to the folder /opt/scripts/ or somewhere else, give the script execute rights (chmod +x exclude.sh) and modify your apache config like this:

CustomLog "|/opt/scripts/exclude.sh param param1 param2 >> /your/path/access.log" combined

Documentation

http://httpd.apache.org/docs/2.4/logs.html#piped

http://www.gnu.org/software/sed/manual/sed.html