Nginx访问日志
-
日志格式配置
[root@localhost ~]# vim /usr/local/nginx/conf/nginx.conf
......
log_format combined_realip '$remote_addr $http_x_forwarded_for [$time_local]'
' $host "$request_uri" $status'
' "$http_referer" "$http_user_agent"';
......
"combined_realip"为日志格式名称;
$remote_addr $http_x_forwarded_for [$time_local]'' $host "$request_uri" $status'' "$http_referer" "$http_user_agent"是日志的内容。
日志内容说明:
| 名称 | 含义 |
|---|---|
| $remote_addr | 客户端IP(公网IP) |
| $http_x_forwarded_for | 代理服务器的IP |
| $time_local | 服务器本地时间 |
| $host | 访问主机名(域名) |
| $request_uri | 访问的URL地址 |
| $status | 状态码 |
| $http_referer | referer |
| $http_user_agent | user_agent |
- 定义虚拟主机的日志格式
定义虚拟主机的前提是在Nginx配置文件中设定日志格式,然后才能在虚拟主机中进行调用(格式名称)
定义test.com.conf的日志格式:
[root@localhost ~]# vim /usr/local/nginx/conf/vhost/test.com.conf
......
access_log /tmp/test.com.log combined_realip;
......
# 指定日志位置及格式(格式名称)
检测并重新加载配置:
[root@localhost ~]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@localhost ~]# /usr/local/nginx/sbin/nginx -s reload-
测试
访问test2.com:
[root@localhost ~]# curl -x127.0.0.1 test2.com -I
curl: (7) Failed connect to 127.0.0.1:1080; 拒绝连接
[root@localhost ~]# curl -x127.0.0.1:80 test2.com -I
HTTP/1.1 301 Moved Permanently
Server: nginx/1.8.0
Date: Thu, 04 Jan 2018 13:00:43 GMT
Content-Type: text/html
Content-Length: 184
Connection: keep-alive
Location: http://test.com/访问test.com:
[root@localhost ~]# curl -x127.0.0.1:80 test.com -I
HTTP/1.1 200 OK
Server: nginx/1.8.0
Date: Thu, 04 Jan 2018 13:00:54 GMT
Content-Type: text/html
Content-Length: 9
Last-Modified: Wed, 03 Jan 2018 14:45:43 GMT
Connection: keep-alive
ETag: "5a4cec97-9"
Accept-Ranges: bytes查看访问日志:
[root@localhost ~]# cat /tmp/test.com.log
127.0.0.1 - [04/Jan/2018:21:00:43 +0800] test2.com "/" 301 "-" "curl/7.29.0"
127.0.0.1 - [04/Jan/2018:21:00:54 +0800] test.com "/" 200 "-" "curl/7.29.0"
Nginx日志切割
因为Nginx没有自带的日志切割工具,所以需要借助系统日志切割命令或使用日志切割脚本。
-
日志切割脚本
为了方便管理,shell脚本统一保存位置:/usr/local/sbin/
编辑脚本:
[root@localhost ~]# vim /usr/local/sbin/nginx_log_rotate.sh
#! /bin/bash
d=date -d "-1 day" +%Y%m%d
#定义切割时间(切割一天前的日志)
logdir="/tmp/"
#此处指定要切割的日志路径(该路径来自虚拟主机配置文件)
nginx_pid="/usr/local/nginx/logs/nginx.pid"
#调用pid的目的是执行命令:/bin/kill -HUPcat $nginx_pid
#该命令等价于命令:nginx -s reload(重新加载文件),确保与虚拟主机配置文件变更保持同步
#该地址来自nginx配置文件
cd $logdir
for log inls *.log
do
mv $log $log-$d
done
#此处使用通配进行循环,对所有复合条件的日志文件进行切割
/bin/kill -HUPcat $nginx_pid
#执行此命令进行重载生成新的日志文件来记录新的日志执行脚本:
[root@localhost ~]# sh -x /usr/local/sbin/nginx_log_rotate.sh
++ date -d '-1 day' +%Y%m%d- d=20180103
- logdir=/tmp/
- nginx_pid=/usr/local/nginx/logs/nginx.pid
- cd /tmp/
++ ls test.com.log yum.log - for log in '
ls *.log' - mv test.com.log test.com.log-20180103
- for log in '
ls *.log' - mv yum.log yum.log-20180103
++ cat /usr/local/nginx/logs/nginx.pid - /bin/kill -HUP 1313
注意: -x 选项的作用是显示脚本执行过程。该脚本配合任务计划cron使用,定期进行切割和清理。
静态文件不记录日志和过期时间
-
核心配置参数:
配置虚拟主机配置文件:
[root@localhost ~]# vim /usr/local/nginx/conf/vhost/test.com.conf
......添加下面内容到配置文件中
location ~ ..(gif|jpg|jpeg|png|bmp|swf)$
#匹配文件类型
{
expires 7d;
#过期时间为7天
access_log off;
#不记录该类型文件的访问日志
}
location ~ ..(js|css)$
{
expires 12h;
#过期时间为12小时
access_log off;
#不记录该类型文件的访问日志
}
access_log /tmp/test.com.log combined_realip;
#指定日志位置及格式
......检测并重载配置文件:
[root@localhost ~]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@localhost ~]# /usr/local/nginx/sbin/nginx -s reload -
测试
访问test.com:
[root@localhost ~]# curl -x127.0.0.1:80 test.com
test.com
[root@localhost ~]# cat /tmp/test.com.log
127.0.0.1 - [04/Jan/2018:23:39:40 +0800] test.com "/" 200 "-" "curl/7.29.0"
#有访问日志访问 abc。jpg
[root@localhost ~]# curl -x127.0.0.1:80 test.com/abc.jpg -I
HTTP/1.1 200 OK
Server: nginx/1.8.0
Date: Thu, 04 Jan 2018 15:41:59 GMT
Content-Type: image/jpeg
Content-Length: 247902
Last-Modified: Thu, 04 Jan 2018 15:41:12 GMT
Connection: keep-alive
ETag: "5a4e4b18-3c85e"
Expires: Thu, 11 Jan 2018 15:41:59 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytesmax-age=604800s=7天,即该文件缓存的过期时间为7天!
[root@localhost ~]# cat /tmp/test.com.log
127.0.0.1 - [04/Jan/2018:23:39:40 +0800] test.com "/" 200 "-" "curl/7.29.0"返回值为200,访问成功,但无访问日志。
