nginx访问日志

  • 日志格式
    [root@aminglinux-02 nginx]# vim conf/nginx.conf
    log_format combined_realip '$remote_addr $http_x_forwarded_for [$time_local]'
    '$host "$request_uri" $status'
    '"$http_referer" "$http_user_agent"';
    combined_realip这个是自定义的日志格式名
    $remote_addr 客户端ip(公网ip)
    $http_x_forwarded_for 代理服务器ip
    $time_local 服务器的本地时间
    $host 访问主机名(域名)
    $request_uri 访问的uri地址
    $status 状态码
    $http_referer referer
    $http_user_agent user agent
  • 除了在主配置文件定义日志格式,还需要在虚拟主机配置文件中增加 access_log /tmp/1.log combined_realip;
    server
    {
    listen 80;
    server_name test.com test1.com test2.com;
    index index.html index.htm index.php;
    root /data/wwwroot/test.com;
    if ($host != 'test.com'){
     rewrite  ^/(.*)$ http://test.com/$1 permanent;
    }
    access_log /tmp/1.log combined_realip;
    }
    • 这里的combined_realip是主配置文件中定义的日志格式名

      Nginx日志切割

  • 编写一个日志切割脚本
    [root@aminglinux-02 ~]# vim /usr/local/sbin/nginx_logrotate.sh
    #!/bin/bash
    d=`date -d "-1 day" +%Y%m%d`
    logdir="/tmp/"
    nginx_pid="/usr/local/nginx/logs/nginx.pid"
    cd $logdir
    for log in `ls *.log`
    do
    mv $log $log-$d
    done
    /bin/kill -HUP `cat $nginx_pid`
  • 脚本存放路径/usr/local/sbin
  • d变量定义的是切割前一天日期,logdir是日志的路径
  • 用一个for循环来遍历所有的虚拟主机日志
  • 最后一行是生成新的日志文件
  • 清除过期的日志文件命令
    [root@aminglinux-02 ~]# find /tmp/ -name *.log-* -type f -mtime +30 |xargs rm
  • 任务计划,每天凌晨执行
    [root@aminglinux-02 ~]# crontab -e
    no crontab for root - using an empty one
    0 0 * * * /bin/bash /usr/local/sbin/nginx_logrotate.sh

    静态文件不记录日志和过期时间

  • 虚拟主机配置如下
    location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$  #匹配.gif等文件
    {
          expires      7d;    #过期时间,如果没有这个,这两个可以写在一个location里
          access_log off;
    }
    location ~ .*\.(js|css)$
    {
          expires      12h;
          access_log off;
    }
  • 测试
    [root@akuilinux01 test.com]# vim 1.gif
    [root@akuilinux01 test.com]# vim 2.js
    [root@akuilinux01 test.com]# curl -x127.0.0.1:80 test.com/1.gif
    dkajdkaj
    [root@akuilinux01 test.com]# curl -x127.0.0.1:80 test.com/2.js
    26376732
    [root@akuilinux01 test.com]# curl -x127.0.0.1:80 test.com/
    <html>
    <head><title>401 Authorization Required</title></head>
    <body bgcolor="white">
    <center><h1>401 Authorization Required</h1></center>
    <hr><center>nginx/1.14.0</center>
    </body>
    </html>
    [root@akuilinux01 test.com]# cat /tmp/nginx_access.log
    127.0.0.1 - [16/Jun/2018:11:05:31 +0800] test.com "/" 401 "-" "curl/7.29.0"
    [root@akuilinux01 test.com]# curl -x127.0.0.1:80 test.com/2.jsdjakjk
    <html>
    <head><title>401 Authorization Required</title></head>
    <body bgcolor="white">
    <center><h1>401 Authorization Required</h1></center>
    <hr><center>nginx/1.14.0</center>
    </body>
    </html>
    [root@akuilinux01 test.com]# cat /tmp/nginx_access.log
    127.0.0.1 - [16/Jun/2018:11:05:31 +0800] test.com "/" 401 "-" "curl/7.29.0"
    127.0.0.1 - [16/Jun/2018:11:06:55 +0800] test.com "/2.jsdjakjk" 401
    以.js和.gif结尾的不记录,其他的记录
  • max-age=43200这个是过期时间
    [root@akuilinux01 test.com]# curl -x127.0.0.1:80 test.com/2.js -I
    HTTP/1.1 200 OK
    Server: nginx/1.14.0
    Date: Sat, 16 Jun 2018 03:07:14 GMT
    Content-Type: application/javascript
    Content-Length: 9
    Last-Modified: Sat, 16 Jun 2018 03:04:31 GMT
    Connection: keep-alive
    ETag: "5b247e3f-9"
    Expires: Sat, 16 Jun 2018 15:07:14 GMT
    Cache-Control: max-age=43200
    Accept-Ranges: bytes