table of Contents
1 Nginx log configuration
ELK
Nginx Java json
192.168.104.143 - - [20/Jan/2020:13:58:02 +0800] "GET /%E8%85%BE%E8%AE%AF%E9%A6%96%E9%A1%B5_files/default_b.png HTTP/1.1" 200 10392 "http://192.168.101.82/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" "-"
Nginx has a very flexible logging mode, each level of configuration can have its own independent access log, and the log format can be customized through the log_format command.
1.1 log_format instruction
#Configuration syntax: include: error.log access.log
Syntax: log_format name [escape=default | json ] string …;
Default: log_format combined “…”;
Context: http
1.2 Default nginx definition syntax
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
Variables allowed in nginx log format
- $remote_addr records the client IP address
- $remote_user records the client user name
- $time_local records the universal local time
- $time_iso8601 records the local time in the ISO8601 standard format
- $request records the request method and the requested http protocol
- $status Record the status code of the request (user positioning error information)
- $body_bytes_sent The total number of bytes sent to the client, excluding the size of the response header
- $bytes_sent The total number of bytes sent to the client
- $msec Log writing time, in seconds, precision is milliseconds
- $http_referer records the visits from that page link
- $http_user_agent records client browser related information
- $http_x_forwarded_for records the client ip address
- $request_length The length of the request
- $request_time The time spent in the request, in seconds, with an accuracy of milliseconds
note:
If Nginx is in the load balancer, after nginx reverse proxy, the web server cannot directly obtain the client's real IP address.
$remote_addr gets the ip address of the reverse proxy. The reverse proxy server is forwarding the request http header information
Add x+Forwarded_For information to record the client ip address and the server address requested by the client
1.3 How to use access_log
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
# access_log /var/log/nginx/access.log main;
server {
listen 80;
server_name localhost;
access_log logs/host.access.log main; //存放日志文件,并调用main日志格式
location / {
root html;
index index.html index.htm;
}
}