0x00 event
To help a friend set up a blog, run over a period of time, to prepare the site analysis report to him.
Only valid data Nginx access logs, so the decision to use this tool GoAccess log analysis,
0x01 Installation
$ yum -y install goaccess
Other platforms refer to the official download: https://goaccess.io/download
Use 0x02
1, to determine the log format
from Nginx configuration can view the log file format:
log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"';
Log file contents:
223.104.189.167 - - [07/Aug/2019:03:03:02 +0000] "GET /favicon.ico HTTP/1.1" 200 5 "https://www.example.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.131 Safari/537.36"
2, using the format command with the parameters
$ goaccess -f access.log --log-format='%h %^ %^[%d:%t +0000] "%r" %s %b "%R" "%u"' --date-format='%d/%b/%Y' --time-format='%H:%M:%S' -d -a > test.html $ ls access.log test.html
Parameter Description:
-f specifies the path to the log file. --log-format specified log format string. --date-format log format date. They all begin with a percent sign (%). --time-format log format time. They are expressed as a percentage (%) at the beginning. -a enable the user agent list by the host. -d Enable IP resolver output in HTML or JSON.
Formatting parameters mainly log format --log-format, date format and time format --date-format --time-format.
In https://goaccess.io/man#custom-log can find% * corresponding specifier .
3, view the analysis file
Finally, open the test.html file in a browser, you can see a detailed analysis of access logs: