• 十一、nginx的日志及favicon.ico


    nginx的日志分为log_format和access_log两个控制参数

    log_format 用来定义记录日志的格式(可以定义多种日志格式,取不同的名字)。
    access_log 用来指定日志文件的路径及使用何种日志格式记录日志。

    语法格式

    Syntax:    access_log path [format [buffer=size] [gzip[=level]] [flush=time] [if=condition]];
    access_log off;
    Default:    access_log logs/access.log combined;
    Context:    http, server, location, if in location, limit_except

    案例配置

    log_format compression '$remote_addr - $remote_user [$time_local] '
                           '"$request" $status $bytes_sent '
                           '"$http_referer" "$http_user_agent" "$gzip_ratio"';
    
    access_log /spool/logs/nginx-access.log compression buffer=32k;

    测试案例

    nginx.conf的配置文件

    user  www;
    worker_processes  1;
    
    events {
        worker_connections  1024;
    }
    
    
    http {
        include       mime.types;
        default_type  application/octet-stream;
    
        log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                          '$status $body_bytes_sent "$http_referer" '
                          '"$http_user_agent" "$http_x_forwarded_for"';
    
        access_log  logs/access.log  main;
        sendfile        on;
        #tcp_nopush     on;
        #keepalive_timeout  0;
        keepalive_timeout  65;
        #gzip  on;
        server {
            listen       80;
            server_name  localhost;
            location / {
                root   html;
                index  index.html index.htm;
            }
    
            error_page   500 502 503 504  /50x.html;
            location = /50x.html {
                root   html;
            }
        }
    }
           

    重新加载配置文件后,访问nginx,nginx日志的内容

    [root@node1 conf]# cat /usr/local/nginx/logs/access.log 
    10.0.0.1 - - [07/Sep/2020:21:21:32 +0800] "GET / HTTP/1.1" 200 612 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.83 Safari/537.36"
    10.0.0.1 - - [07/Sep/2020:21:21:32 +0800] "GET /favicon.ico HTTP/1.1" 404 555 "http://10.0.0.101/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.83 Safari/537.36"
    10.0.0.101 - - [08/Sep/2020:19:23:58 +0800] "GET / HTTP/1.1" 200 612 "-" "curl/7.29.0"
    10.0.0.101 - - [08/Sep/2020:19:24:03 +0800] "GET /bbs HTTP/1.1" 404 153 "-" "curl/7.29.0"
    10.0.0.101 - - [08/Sep/2020:19:24:08 +0800] "GET /bbs HTTP/1.1" 404 153 "-" "curl/7.29.0"
    10.0.0.101 - - [08/Sep/2020:19:24:16 +0800] "GET /bbs HTTP/1.1" 301 169 "-" "curl/7.29.0"
    10.0.0.101 - - [08/Sep/2020:19:24:24 +0800] "GET /bbs HTTP/1.1" 301 169 "-" "curl/7.29.0"
    10.0.0.101 - - [08/Sep/2020:19:24:24 +0800] "GET /bbs/ HTTP/1.1" 200 5 "-" "curl/7.29.0"
    10.0.0.102 - - [09/Sep/2020:16:48:33 +0800] "GET / HTTP/1.1" 200 16 "-" "curl/7.29.0"
    10.0.0.102 - - [09/Sep/2020:16:50:30 +0800] "GET / HTTP/1.1" 200 16 "-" "curl/7.29.0"
    10.0.0.103 - - [09/Sep/2020:16:52:45 +0800] "GET / HTTP/1.1" 200 16 "-" "curl/7.29.0"
    10.0.0.103 - - [09/Sep/2020:16:54:27 +0800] "GET / HTTP/1.1" 403 153 "-" "curl/7.29.0"

    定义json日志格式

    nginx 的默认访问日志记录内容相对比较单一,默认的格式也不方便后期做日志统计分析,生产环境中通常将nginx日志转换为json日志,然后配合使用ELK做日志收集-统计-分析

    自定义json日志格式

    log_format access_json '{"@timestamp":"$time_iso8601",'
    '"host":"$server_addr",'
    '"clientip":"$remote_addr",'
    '"size":$body_bytes_sent,'
    '"responsetime":$request_time,'
    '"upstreamtime":"$upstream_response_time",'
    '"upstreamhost":"$upstream_addr",'
    '"http_host":"$host",'
    '"uri":"$uri",'
    '"domain":"$host",'
    '"xff":"$http_x_forwarded_for",'
    '"referer":"$http_referer",'
    '"tcp_xff":"$proxy_protocol_addr",'
    '"http_user_agent":"$http_user_agent",'
    '"status":"$status"}';
    access_log /apps/nginx/logs/access_json.log access_json;

    json格式的访问日志示例:

    {"@timestamp":"2019-02-
    22T08:55:32+08:00","host":"192.168.7.102","clientip":"192.168.0.1","size":162,"resp
    onsetime":0.000,"upstreamtime":"-","upstreamhost":"-
    ","http_host":"www.magedu.net","uri":"/favicon.ico","domain":"www.magedu.net","xff"
    :"-","referer":"-","tcp_xff":"","http_user_agent":"Mozilla/5.0 (Windows NT 6.1;
    Win64; x64; rv:65.0) Gecko/20100101 Firefox/65.0","status":"404"}

    json格式的日志访问统计

    #cat nginx_json.py
    #!/usr/bin/env python
    #coding:utf-8
    status_200= []
    status_404= []
    with open("access_json.log") as f:
    for line in f.readlines():
    line = eval(line)
    if line.get("status") == "200":
    status_200.append(line.get)
    elif line.get("status") == "404":
    status_404.append(line.get)
    else:
    print("状态码 ERROR")
    f.close()
    print "状态码200的有--:",len(status_200)
    print "状态码404的有--:",len(status_404)
    # python nginx_json.py
    状态码200的有--: 1910
    状态码404的有--: 13

    nginx日志缓存

    Syntax:    open_log_file_cache max=N [inactive=time] [min_uses=N] [valid=time];
    open_log_file_cache off;
    Default:    open_log_file_cache off;
    Context:    http, server, location

    定义一个缓存,用于存储名称中包含变量的常用日志的文件描述符

    max:缓存的最大文件描述符数量
    min_uses:在inactive指定的时长内访问大于等于此值方可被当作活动项
    inactive:非活动时长
    valid:验证缓存中各缓存项是否为活动项的时间间隔

    关于favicon.ico

    favicon.ico 文件是浏览器收藏网址时显示的图标,当使用浏览器访问页面时,浏览器会自己主动发起请求获取页面的favicon.ico文件,但是当浏览器请求的favicon.ico文件不存在时,服务器会记录404日志,而且浏览器也会显示404报错
    解决方案:
    服务器不记录访问日志:
    location = /favicon.ico {
    log_not_found off; #文件没发现事件不记录error_log
    access_log off; #不记录access_log
    }
    将图标保存到指定目录访问:
    #location ~ ^/favicon.ico$ {
    location = /favicon.ico {
    root /data/nginx/html/pc/images;
    }
    I have a dream so I study hard!!!
  • 相关阅读:
    CTreeCtrl::HitTest
    GetLastError()函数返回值及含义
    最大轮廓和投影 转
    一些Python黑客脚本
    win10系统架构调用
    rootkit基础
    面向对象编程
    机器学习概述
    XXE攻击
    浏览器安全
  • 原文地址:https://www.cnblogs.com/yaokaka/p/13651415.html
Copyright © 2020-2023  润新知