Nginx日志格式配置介绍
by:授客 QQ:1033553122
测试环境
CentOS 6.5-x86_64
nginx-1.10.0
配置例子
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $request_time $upstream_response_time $request_length $bytes_sent $body_bytes_sent $gzip_ratio $connection_requests "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log logs/nginx-access.log main;
说明:如下,有时候我们可以把日志配置json串格式,方便其它程序使用
log_format main '{
"remote_addr":"$remote_addr",
"remote_user":"$remote_user",
"time_local":"$time_local",
"request":"$request",
"status":"$status",
"request_time":"$request_time",
"upstream_response_time":"$upstream_response_time",
"request_length":"$request_length",
"bytes_sent":"$bytes_sent",
"body_bytes_sent":"$body_bytes_sent",
"gzip_ratio":"$gzip_ratio",
"connection_requests":"$connection_requests",
"http_referer":"$http_referer",
"http_user_agent":"$http_user_agent",
"http_x_forwarded_for":"$http_x_forwarded_for"
}';
配置说明
可在相同层级(个人理解:这里的层级为下文的Context范围)指定多个日志
语法说明:
access_log path [format [buffer=size] [gzip[=level]] [flush=time] [if=condition]];
access_log off; # 关闭当前层级上的指定日志,即不记录日志
Default:access_log logs/access.log combined;
Context: http, server, location, if in location, limit_except
注意:路径path必须存在,如果开启了gzip日志压缩,则不能通过控制台实时查看日志了。
Syntax: log_format name [escape=default|json] string ...;
Default: log_format combined "...";
Context: http
format变量说明
$remote_addr
发起请求的客户端所在ip地址
$remote_user
发起请求的客户端用户名称,获取不到则显示为 -
$time_local
用来记录访问时间与时区(依赖nginx服务器本地时间),形如 20/Aug/2017:21:15:19 +0800,获取不到则显示为 -
$time_iso8601
类似$time_local,不同的是这里采用ISO 8601标准格式
$request
记录发起的请求,形如
POST /zentaopms/www/index.php?m=user&f=login&referer=L3plbnRhb3Btcy93d3cvaW5kZXgucGhw HTTP/1.1
$status
记录响应状态,比如 200
$request_time
记录请求处理时间(以秒为单位,携带毫秒的解决方案),从读取客户端第一个字节开始算起,到发送最后一个字节给客户端的时间间隔(原文:request processing time in seconds with a milliseconds resolution; time elapsed between the first bytes were read from the client and the log write after the last bytes were sent to the client)
$upstream_response_time
记录nginx从后端服务器(upstream server)获取响应的时间(以秒为单位,携带毫秒的解决方案),多个请求的时间以逗号分隔
参考链接:
http://nginx.org/en/docs/http/ngx_http_upstream_module.html#var_upstream_response_time
$request_length
记录请求长度(包括请求行,请求头,请求体)
$gzip_ratio
记录nginx gzip压缩比例,获取不到则显示为 -
$bytes_sent
发送给客户端的字节数
$body_bytes_sent
发送给客户端的响应体字节数
$connection_requests
单个连接的并发请求数(the current number of requests made through a connection (1.1.18)
$http_referer
记录请求引用页面地址
$http_user_agent
记录用户代理信息(通常是浏览器信息
$http_x_forwarded_for
当为了承受更大的负载使用反向代理时,web服务器不能获取真实的客户端IP,$remote_addr获取到的是反向代理服务器的ip,这种情况下,代理服务器通常会增加一个叫做x_forwarded_for的信息头,把连接它的真实客户端IP加到这个信息头里,这样就能保证网站的web服务器能获取到真实IP,获取不到则显示为 -
$connection
连接序列号
$msec
写入日志的时间(以秒为单位,携带毫秒的解决方案)(原文:time in seconds with a milliseconds resolution at the time of the log write)
$pipe
如果为管道请求则显示为p,否则显示为 .
日志输出样例
# tail -f /usr/local/ngnix/logs/access.log
192.168.1.101 - - [20/Aug/2017:22:28:44 +0800] "POST /zentaopms/www/index.php?m=user&f=login&referer=L3plbnRhb3Btcy93d3cvaW5kZXgucGhw HTTP/1.1" 200 0.365 0.365 764 794 302 - 1 "http://192.168.1.102/zentaopms/www/index.php?m=user&f=login&referer=L3plbnRhb3Btcy93d3cvaW5kZXgucGhw" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:54.0) Gecko/20100101 Firefox/54.0" "-"
# tail -f /usr/local/ngnix/logs/access.log
{
"remote_addr":"192.168.1.101",
"remote_user":"-",
"time_local":"31/Aug/2017:10:37:01 +0800",
"request":"GET /zentaopms/www/index.php?m=user&f=login&referer=L3plbnRhb3Btcy93d3cvaW5kZXgucGhw HTTP/1.1",
"status":"200",
"request_time":"0.562",
"upstream_response_time":"0.562",
"request_length":"546",
"bytes_sent":"8013",
"body_bytes_sent":"7520",
"gzip_ratio":"-",
"connection_requests":"1",
"http_referer":"-",
"http_user_agent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0) Gecko/20100101 Firefox/55.0",
"http_x_forwarded_for":"-"
}
参考链接:
http://nginx.org/en/docs/http/ngx_http_log_module.html#access_log