Nginx日志格式配置介绍

测试环境

CentOS 6.5-x86_64

 

nginx-1.10.0

 

配置例子

log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '

'$status $request_time $upstream_response_time$request_length $bytes_sent $body_bytes_sent $gzip_ratio $connection_requests "$http_referer" '

'"$http_user_agent" "$http_x_forwarded_for"';

 

access_loglogs/nginx-access.log main;

 

说明：如下，有时候我们可以把日志配置json串格式，方便其它程序使用

log_format  main  '{

"remote_addr":"$remote_addr",

"remote_user":"$remote_user",

"time_local":"$time_local",

"request":"$request",

"status":"$status",

"request_time":"$request_time",

"upstream_response_time":"$upstream_response_time",

"request_length":"$request_length",

"bytes_sent":"$bytes_sent",

"body_bytes_sent":"$body_bytes_sent",

"gzip_ratio":"$gzip_ratio",

"connection_requests":"$connection_requests",

"http_referer":"$http_referer",

"http_user_agent":"$http_user_agent",

"http_x_forwarded_for":"$http_x_forwarded_for"

}';

 

 

配置说明

可在相同层级(个人理解：这里的层级为下文的Context范围)指定多个日志

 

语法说明:

access_log path [format [buffer=size] [gzip[=level]] [flush=time] [if=condition]];

 

access_log off;  # 关闭当前层级上的指定日志，即不记录日志

 

Default：access_log logs/access.log combined;

Context: http, server, location, if in location, limit_except

 

注意：路径path必须存在，如果开启了gzip日志压缩，则不能通过控制台实时查看日志了。

 

Syntax: log_format name [escape=default|json] string ...;

Default: log_format combined "...";

Context: http

 

format变量说明

$remote_addr

发起请求的客户端所在ip地址

 

$remote_user

发起请求的客户端用户名称，获取不到则显示为 -

 

$time_local

用来记录访问时间与时区(依赖nginx服务器本地时间)，形如20/Aug/2017:21:15:19 +0800，获取不到则显示为 -

 

$time_iso8601

类似$time_local，不同的是这里采用ISO8601标准格式 

 

$request

记录发起的请求，形如 

POST /zentaopms/www/index.php?m=user&f=login&referer=L3plbnRhb3Btcy93d3cvaW5kZXgucGhw HTTP/1.1

 

$status

记录响应状态，比如 200

 

$request_time

记录请求处理时间（以秒为单位，携带毫秒的解决方案），从读取客户端第一个字节开始算起，到发送最后一个字节给客户端的时间间隔（原文：request processing time in seconds with a milliseconds resolution; time elapsed between the first bytes were read from the client and the log write after the last bytes were sent to the client）

 

$upstream_response_time

记录nginx从后端服务器(upstream server)获取响应的时间（以秒为单位，携带毫秒的解决方案），多个请求的时间以逗号分隔

 

参考链接：

http://nginx.org/en/docs/http/ngx_http_upstream_module.html#var_upstream_response_time

 

$request_length

记录请求长度(包括请求行，请求头，请求体)

 

$gzip_ratio

记录nginx gzip压缩比例，获取不到则显示为-

 

$bytes_sent

发送给客户端的字节数

 

$body_bytes_sent

发送给客户端的响应体字节数

 

$connection_requests

单个连接的并发请求数（the current number of requests made through a connection (1.1.18)

 

$http_referer

记录请求引用页面地址

 

$http_user_agent

记录用户代理信息（通常是浏览器信息

 

$http_x_forwarded_for

当为了承受更大的负载使用反向代理时，web服务器不能获取真实的客户端IP，$remote_addr获取到的是反向代理服务器的ip，这种情况下，代理服务器通常会增加一个叫做x_forwarded_for的信息头，把连接它的真实客户端IP加到这个信息头里，这样就能保证网站的web服务器能获取到真实IP，获取不到则显示为 -

 

$connection

连接序列号

 

$msec

写入日志的时间（以秒为单位，携带毫秒的解决方案）(原文：time in seconds with a milliseconds resolution at the time of the log write)

 

$pipe

如果为管道请求则显示为p，否则显示为. 

 

日志输出样例

# tail -f /usr/local/ngnix/logs/access.log

192.168.1.101 - - [20/Aug/2017:22:28:44 +0800] "POST /zentaopms/www/index.php?m=user&f=login&referer=L3plbnRhb3Btcy93d3cvaW5kZXgucGhw HTTP/1.1" 200 0.365 0.365 764 794 302 - 1 "http://192.168.1.102/zentaopms/www/index.php?m=user&f=login&referer=L3plbnRhb3Btcy93d3cvaW5kZXgucGhw" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:54.0) Gecko/20100101 Firefox/54.0" "-"

 

# tail -f /usr/local/ngnix/logs/access.log

{

"remote_addr":"192.168.1.101",

"remote_user":"-",

"time_local":"31/Aug/2017:10:37:01 +0800",

"request":"GET /zentaopms/www/index.php?m=user&f=login&referer=L3plbnRhb3Btcy93d3cvaW5kZXgucGhw HTTP/1.1",

"status":"200",

"request_time":"0.562",

"upstream_response_time":"0.562",

"request_length":"546",

"bytes_sent":"8013",

"body_bytes_sent":"7520",

"gzip_ratio":"-",

"connection_requests":"1",

"http_referer":"-",

"http_user_agent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0) Gecko/20100101 Firefox/55.0",

"http_x_forwarded_for":"-"

}

 

参考链接：

http://nginx.org/en/docs/http/ngx_http_log_module.html#access_log