12.10 nginx访问日志
日志格式:
[root@hyc-01-01 conf]# pwd
/usr/local/nginx/conf
[root@hyc-01-01 conf]# vim nginx.conf
…
17 server_names_hash_bucket_size 3526;
18 server_names_hash_max_size 4096;
19 log_format combined_realip '$remote_addr $http_x_forwarded_for [$time_local]'
20 ' $host "$request_uri" $status'
21 ' "$http_referer" "$http_user_agent"';
22 sendfile on;
…
19行配置就是用于定义日志的:
combined_realip 日志格式名称,引用日志格式时需要用到日志格式的名称
nginx配置文件中会认为“;”是一段配置的结尾
$remote_addr 客户端ip(公网ip),本机的出口ip
$http_x_forwarded_for 代理服务器ip
$time_local 服务器本地时间
$host 访问主机名(域名)
$request_uri 访问的uri地址(在http://v.apelearn.com/student.php?view_unit=1934中,v.apelearn.com为域名,student.php?view_unit=1934为uri)
$status 状态码(301/404/200/401等都属于状态码)
$http_referer 跳转到本站前访问的站点
$http_user_agent 浏览器或curl等信息
在虚拟主机配置文件定义日志信息:
在主配置文件中定义日志格式名称为hyc:
[root@hyc-01-01 conf]# vim nginx.conf
…
server_names_hash_max_size 4096;
19 log_format hyc '$remote_addr $http_x_forwarded_for [$time_local]'
20 ' $host "$request_uri" $status'
21 ' "$http_referer" "$http_user_agent"';
22 sendfile on;
23 tcp_nopush on;
…
[root@hyc-01-01 vhost]# vim test.com.conf
server
{
listen 80;
server_name test.com test1.com test2.com;
index index.html index.htm index.php;
root /data/wwwroot/test.com;
if ($host != 'test.com' ){
rewrite ^/(.*)$ http://test.com/$1 permanent;
}
access_log /tmp/test.com.log hyc;
location ~ admin.php
{
auth_basic "Auth";
auth_basic_user_file /usr/local/nginx/conf/htpasswd;
}
}
[root@hyc-01-01 vhost]# /usr/local/nginx/sbin/nginx -s reload 重新加载配置
[root@hyc-01-01 vhost]# curl -x127.0.0.1:80 test.com
welcome to test.com
[root@hyc-01-01 vhost]# cat /tmp/test.com.log
127.0.0.1 - [14/Aug/2018:20:37:47 +0800] test.com "/" 200 "-" "curl/7.29.0" 日志信息
12.11 nginx日志切割
Nginx没有自己自带的日志切割工具,需要借助系统的日志切割工具或自己写日志切割脚本
所有日志切割脚本放到/usr/local/sbin/路径下
编写日志切割脚本:
[root@hyc-01-01 vhost]# vim /usr/local/sbin/nginx_logrotate.sh
#!/bin/bash
##假设nginx日志存放在/data/logs/
d=`date -d "-1 day" +%Y%m%d` d为昨天的日期,格式为年月日
logdir="/tmp/"
nginx_pid="/usr/local/nginx/logs/nginx.pid" 查找nginx的pid方便执行/bin/kill -HUP `cat $nginx_pid`,需要确认该pid路径是否正确,否则最后一条无法正常执行
cd $logdir 进入日志目录下
for log in `ls *.log` 定义ls *.log的结果为log
do
mv $log $log-$d 将匹配的文件改名(在文件名后加“-$d”,$d就是昨天的日期)
done
/bin/kill -HUP `cat $nginx_pid` 命令效果同nginx的-s reload(重新加载配置),若不重新加载则nginx会认准原来日志文件的标记一直将日志信息写入原来的日志文件,不会写入新创建的日志文件中
执行脚本:
[root@hyc-01-01 tmp]# sh -x /usr/local/sbin/nginx_logrotate.sh –x会显示脚本执行过程
++ date -d '-1 day' +%Y%m%d
+ d=20180813
+ logdir=/tmp/
+ nginx_pid=/usr/local/nginx/logs/nginx.pid
+ cd /tmp/
++ ls php_errors.log test.com.log
+ for log in '`ls *.log`'
+ mv php_errors.log php_errors.log-20180813
+ for log in '`ls *.log`'
+ mv test.com.log test.com.log-20180813
++ cat /usr/local/nginx/logs/nginx.pid
+ /bin/kill -HUP 908 生成新的test.com.log
[root@hyc-01-01 tmp]# echo $?
0
[root@hyc-01-01 tmp]# ls *.com.log
test.com.log /tmp目录下生成了新的test.com.log
清理日志:
[root@hyc-01-01 /]# find /tmp/ -name *.log-* -type f -mtime +30|xargs rm
从tmp目录筛选出name匹配*.log-*,类型为文件,mtime超过30天的文件执行rm操作
rm: 缺少操作数 没有匹配以上条件的日志文件,无法执行rm操作
Try 'rm --help' for more information.
添加任务计划:
[root@hyc-01-01 /]# crontab –e
0 0 * * * /bin/bash /usr/local/sbin/nginx_logrotate.sh 每日凌晨0点执行脚本
12.12 静态文件不记录日志和过期时间
配置静态文件不记录日志:
[root@hyc-01-01 vhost]# vim test.com.conf
{
listen 80;
server_name test.com test1.com test2.com;
index index.html index.htm index.php;
root /data/wwwroot/test.com;
if ($host != 'test.com' ){
rewrite ^/(.*)$ http://test.com/$1 permanent;
}
access_log /tmp/test.com.log hyc;
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ 匹配.gif/.jpg/.jpeg/.png/.bmp/.swf
{
expires 7d; 设置过期时间为7天
access_log off; 不记录日志
}
localtion ~ .*\.(js|css)$
{
expires 12h; 由于过期时间不一样,需要和上面分开写
access_log off;
}
…
[root@hyc-01-01 vhost]# /usr/local/nginx/sbin/nginx -s reload
测试日志记录情况:
[root@hyc-01-01 test.com]# vim 1.gif
[root@hyc-01-01 test.com]# vim 2.js
[root@hyc-01-01 test.com]# ls
1.gif 2.js aa.html admin admin.php index.html
[root@hyc-01-01 test.com]# pwd
/data/wwwroot/test.com
[root@hyc-01-01 test.com]# curl -x127.0.0.1:80 test.com/1.gif
sdfsfasdfs
[root@hyc-01-01 test.com]# curl -x127.0.0.1:80 test.com/2.js
jolsdfjgdpq
[root@hyc-01-01 test.com]# curl -x127.0.0.1:80 test.com/index.html
welcome to test.com
[root@hyc-01-01 test.com]# cat /tmp/test.com.log
127.0.0.1 - [15/Aug/2018:07:41:31 +0800] test.com "/index.html" 200 "-" "curl/7.29.0"
访问了3个内容仅生成一条日志,访问js和gif时没有记录日志
测试过期时间:
[root@hyc-01-01 test.com]# curl -x127.0.0.1:80 test.com/2.js -I
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Tue, 14 Aug 2018 23:46:26 GMT
Content-Type: application/javascript
Content-Length: 12
Last-Modified: Tue, 14 Aug 2018 23:38:47 GMT
Connection: keep-alive
ETag: "5b736807-c"
Expires: Wed, 15 Aug 2018 11:46:26 GMT
Cache-Control: max-age=43200(43200=12*3600)
Accept-Ranges: bytes
在test.com.conf中注释掉js的expires:
[root@hyc-01-01 test.com]# vim /usr/local/nginx/conf/vhost/test.com.conf
[root@hyc-01-01 test.com]# /usr/local/nginx/sbin/nginx -s reload
[root@hyc-01-01 test.com]# curl -x127.0.0.1:80 test.com/2.js -I
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Tue, 14 Aug 2018 23:51:06 GMT
Content-Type: application/javascript
Content-Length: 12
Last-Modified: Tue, 14 Aug 2018 23:38:47 GMT
Connection: keep-alive 此处不再出现max-age信息
ETag: "5b736807-c"
Accept-Ranges: bytes