My little home Apache server is overwhelmed by log entries from various virus attacks - Nimda, CodeRed, etc. It's tiresome. If you edit Apache's httpd.conf and replace your old CustomLog entry with this stuff, the logs go somewhere else. It looks like the Debian Apache package will even rotate the new file for you, I'll see in a week.
SetEnvIf Request_URI (cmd\.exe|root\.exe|default\.ida) attack
CustomLog /var/log/apache/attack.log combined env=attack
CustomLog /var/log/apache/access.log combined env=!attack
  2001-10-31 08:00 Z