Nginx错误日志
https://coding.net/u/aminglinux/p/nginx/git/blob/master/log/error.md
Nginx错误日志平时不用太关注,但是一旦出了问题,就需要借助错误日志来判断问题所在。 配置参数格式:error_log /path/to/log level;
常见的错误日志级别有debug | info | notice | warn | error | crit | alert | emerg 级别越高记录的信息越少,如果不定义,默认级别为error. 它可以配置在main、http、server、location段里。 如果在配置文件中定义了两个error_log,在同一个配置段里的话会产生冲突,所以同一个段里只允许配置一个error_log。 但是,在不同的配置段中出现是没问题的。
error_log /var/log/nginx/error.log crit; 如果要想彻底关闭error_log,需要这样配置 error_log /dev/null;
1.实验:编辑nginx主配置文件将error级别配置为crit
[root@centos-03 conf]# vim nginx.conf
#error_log logs/error.log;
error_log logs/error.log crit;
#error_log logs/error.log info;
[root@centos-03 conf]# vim vhost/1.conf
server { listen 80; server_name www.123.com; index index.html; root /data/wwwroot/www.1.com; rewrite_log on; location / { rewrite /123.html /1.html redirect; error_log /tmp/nginx.err debug; } }
[root@centos-03 conf]# /usr/local/nginx/sbin/nginx -s reload [root@centos-03 conf]#
2.清空日志内容
[root@centos-03 conf]# > /tmp/nginx.err [root@centos-03 conf]# > /usr/local/nginx/logs/error.log [root@centos-03 conf]#
3.我们访问一个不存在的文件,错误日志没有记录,虚拟主机定义的有记录
[root@centos-03 conf]# curl www.123.com/123 <html> <head><title>404 Not Found</title></head> <body bgcolor="white"> <center><h1>404 Not Found</h1></center> <hr><center>nginx/1.14.0</center> </body> </html> [root@centos-03 conf]# cat /usr/local/nginx/logs/error.log [root@centos-03 conf]# cat /tmp/nginx.err 2018/07/28 16:07:53 [notice] 29883#0: *71 "/123.html" does not match "/123", client: 127.0.0.1, server: www.123.com, request: "GET /123 HTTP/1.1", host: "www.123.com" 2018/07/28 16:07:53 [error] 29883#0: *71 open() "/data/wwwroot/www.1.com/123" failed (2: No such file or directory), client: 127.0.0.1, server: www.123.com, request: "GET /123 HTTP/1.1", host:
"www.123.com" 2018/07/28 16:07:53 [info] 29883#0: *71 client 127.0.0.1 closed keepalive connection [root@centos-03 conf]#
[root@centos-03 conf]# curl www.123.com/123.html <html> <head><title>302 Found</title></head> <body bgcolor="white"> <center><h1>302 Found</h1></center> <hr><center>nginx/1.14.0</center> </body> </html> [root@centos-03 conf]# cat /tmp/nginx.err 2018/07/28 16:07:53 [notice] 29883#0: *71 "/123.html" does not match "/123", client: 127.0.0.1, server: www.123.com, request: "GET /123 HTTP/1.1", host: "www.123.com" 2018/07/28 16:07:53 [error] 29883#0: *71 open() "/data/wwwroot/www.1.com/123" failed (2: No such file or directory), client: 127.0.0.1, server: www.123.com, request: "GET /123 HTTP/1.1", host:
"www.123.com" 2018/07/28 16:07:53 [info] 29883#0: *71 client 127.0.0.1 closed keepalive connection 2018/07/28 16:10:30 [notice] 29883#0: *72 "/123.html" matches "/123.html", client: 127.0.0.1, server: www.123.com, request: "GET /123.html HTTP/1.1", host: "www.123.com" 2018/07/28 16:10:30 [notice] 29883#0: *72 rewritten redirect: "/1.html", client: 127.0.0.1, server: www.123.com, request: "GET /123.html HTTP/1.1", host: "www.123.com" 2018/07/28 16:10:30 [info] 29883#0: *72 client 127.0.0.1 closed keepalive connection [root@centos-03 conf]#
Nginx访问日志-日志格式
https://coding.net/u/aminglinux/p/nginx/git/blob/master/log/format.md
https://coding.net/u/aminglinux/p/nginx/git/blob/master/log/acclog.md
Nginx访问日志格式
Nginx访问日志可以设置自定义的格式,来满足特定的需求。
访问日志格式示例
示例1 log_format combined_realip '$remote_addr $http_x_forwarded_for [$time_local]' '$host "$request_uri" $status' '"$http_referer" "$http_user_agent"'; 示例2 log_format main '$remote_addr [$time_local] ' '$host "$request_uri" $status "$request"' '"$http_referer" "$http_user_agent" "$request_time"'; 若不配置log_format或者不在access_log配置中指定log_format,则默认格式为: '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent";
常见变量
变量 说明 $time_local 通用日志格式下的本地时间;(服务器时间) $remote_addr 客户端(用户)IP地址 $status 请求状态码,如200,404,301,302等 $body_bytes_sent 发送给客户端的字节数,不包括响应头的大小 $bytes_sent 发送给客户端的总字节数 $request_length 请求的长度(包括请求行,请求头和请求正文) $request_time 请求处理时间,单位为秒,小数的形式 $upstream_addr 集群轮询地址 $upstream_response_time 指从Nginx向后端(php-cgi)建立连接开始到接受完数据然后关闭连接为止的时间 $remote_user 用来记录客户端用户名称 $request 请求方式(GET或者POST等)+URL(包含$request_method,$host,$request_uri) $http_user_agent 用户浏览器标识 $http_host 请求的url地址(目标url地址)的host $host 等同于$http_host $http_referer 来源页面,即从哪个页面转到本页,如果直接在浏览器输入网址来访问,则referer为空 $uri 请求中的当前URI(不带请求参数,参数位于$args),不同于浏览器传递的$request_uri的值,它可以通过内部重定向,或者使用index指令进行修改。 $document_uri 等同于$uri $request_uri 比$uri多了参数,即$uri+$args $http_x_forwarded_for 如果使用了代理,这个参数会记录代理服务器的ip和客户端的ip
实验:
1.查看或编辑nginx主配置文件
[root@centos-03 conf]# vim nginx.conf
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for" $host $server_
port';
2.配置虚拟主机的访问日志文件
[root@centos-03 conf]# vim vhost/1.conf
server {
listen 80;
server_name www.123.com;
index index.html;
root /data/wwwroot/www.1.com;
rewrite_log on;
location /
{
rewrite /123.html /1.html redirect;
error_log /tmp/nginx.err debug;
access_log /tmp/123.com.log main;
}
}
3.测试
[root@centos-03 conf]# /usr/local/nginx/sbin/nginx -s reload [root@centos-03 conf]# curl www.123.com/123.html <html> <head><title>302 Found</title></head> <body bgcolor="white"> <center><h1>302 Found</h1></center> <hr><center>nginx/1.14.0</center> </body> </html> [root@centos-03 conf]# cat /tmp/123.com.log 127.0.0.1 - - [28/Jul/2018:17:09:52 +0800] "GET /123.html HTTP/1.1" 302 161 "-" "curl/7.29.0" "-" www.123.com 80 [root@centos-03 conf]#
配置Nginx访问日志
1.生产机上访问日记格式加上$http_x_forwarded_for这样就可以接收到代理ip了
实验:编辑配置文件为8080端口
root@centos-03 vhost]# vim 1.conf
server {
listen 8080;
server_name www.123.com;
index index.html;
root /data/wwwroot/www.1.com;
rewrite_log on;
location /
{
rewrite /123.html /1.html redirect;
error_log /tmp/nginx.err debug;
access_log /tmp/123.com.log main;
}
}
2.新建代理虚拟主机
[root@centos-03 vhost]# vim proxy.conf
server
{
listen 80;
server_name www.123.com;
location /
{
proxy_pass http://192.168.242.133:8080/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
[root@centos-03 vhost]# /usr/local/nginx/sbin/nginx -s reload [root@centos-03 vhost]# curl -x127.0.0.1:8080 www.123.com/123.html (不用代理访问) <html> <head><title>302 Found</title></head> <body bgcolor="white"> <center><h1>302 Found</h1></center> <hr><center>nginx/1.14.0</center> </body> </html> [root@centos-03 vhost]# cat /tmp/123.com.log 127.0.0.1 - - [28/Jul/2018:17:09:52 +0800] "GET /123.html HTTP/1.1" 302 161 "-" "curl/7.29.0" "-" www.123.com 80 127.0.0.1 - - [28/Jul/2018:17:50:37 +0800] "GET HTTP://www.123.com/123.html HTTP/1.1" 302 161 "-" "curl/7.29.0" "-" www.123.com 8080 [root@centos-03 vhost]#
[root@centos-03 vhost]# curl -x127.0.0.1:80 www.123.com/123.html (代理访问)
<html>
<head><title>302 Found</title></head>
<body bgcolor="white">
<center><h1>302 Found</h1></center>
<hr><center>nginx/1.14.0</center>
</body>
</html>
[root@centos-03 vhost]# cat /tmp/123.com.log
127.0.0.1 - - [28/Jul/2018:17:09:52 +0800] "GET /123.html HTTP/1.1" 302 161 "-" "curl/7.29.0" "-" www.123.com 80
127.0.0.1 - - [28/Jul/2018:17:50:37 +0800] "GET HTTP://www.123.com/123.html HTTP/1.1" 302 161 "-" "curl/7.29.0" "-" www.123.com 8080
192.168.242.133 - - [28/Jul/2018:17:52:23 +0800] "GET /123.html HTTP/1.0" 302 161 "-" "curl/7.29.0" "127.0.0.1" www.123.com 8080
[root@centos-03 vhost]#
3.再加一层代理试试能获取到ip吗
[root@centos-03 vhost]# vim proxy2.conf server { listen 8000; server_name www.123.com; location / { proxy_pass http://192.168.242.133/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } }
4.用8000端口访问
[root@centos-03 vhost]# /usr/local/nginx/sbin/nginx -s reload [root@centos-03 vhost]# curl -x127.0.0.1:8000 www.123.com/123.html <html> <head><title>302 Found</title></head> <body bgcolor="white"> <center><h1>302 Found</h1></center> <hr><center>nginx/1.14.0</center> </body> </html> [root@centos-03 vhost]# !cat cat /tmp/123.com.log 127.0.0.1 - - [28/Jul/2018:17:09:52 +0800] "GET /123.html HTTP/1.1" 302 161 "-" "curl/7.29.0" "-" www.123.com 80 127.0.0.1 - - [28/Jul/2018:17:50:37 +0800] "GET HTTP://www.123.com/123.html HTTP/1.1" 302 161 "-" "curl/7.29.0" "-" www.123.com 8080 192.168.242.133 - - [28/Jul/2018:17:52:23 +0800] "GET /123.html HTTP/1.0" 302 161 "-" "curl/7.29.0" "127.0.0.1" www.123.com 8080 192.168.242.133 - - [28/Jul/2018:18:06:21 +0800] "GET /123.html HTTP/1.0" 302 161 "-" "curl/7.29.0" "127.0.0.1, 192.168.242.133" www.123.com 8080 [root@centos-03 vhost]#
Nginx日志过滤指定文件
https://coding.net/u/aminglinux/p/nginx/git/blob/master/log/filter.md
一个网站,会包含很多元素,尤其是有大量的图片、js、css等静态元素。 这样的请求其实可以不用记录日志。
location ~* ^.+.(gif|jpg|png|css|js)$ { access_log off; } 或 location ~* ^.+.(gif|jpg|png|css|js)$ { access_log /dev/null; }
实验:
[root@centos-03 vhost]# vim 1.conf server { listen 8080; server_name www.123.com; index index.html; root /data/wwwroot/www.1.com; rewrite_log on; location / { rewrite /123.html /1.html redirect; error_log /tmp/nginx.err debug; } location ~* '(css|js|png|jpg|gif|rar|mp4)$' { access_log off; #access_log /dev/null; } access_log /tmp/123.com.log main; }
访问测试,我们访问css的文件时没有记录日志,访问css1记录了日志
[root@centos-03 vhost]# curl -x127.0.0.1:8000 www.123.com/123.css <html> <head><title>404 Not Found</title></head> <body bgcolor="white"> <center><h1>404 Not Found</h1></center> <hr><center>nginx/1.14.0</center> </body> </html> [root@centos-03 vhost]# !cat cat /tmp/123.com.log 127.0.0.1 - - [28/Jul/2018:17:09:52 +0800] "GET /123.html HTTP/1.1" 302 161 "-" "curl/7.29.0" "-" www.123.com 80 127.0.0.1 - - [28/Jul/2018:17:50:37 +0800] "GET HTTP://www.123.com/123.html HTTP/1.1" 302 161 "-" "curl/7.29.0" "-" www.123.com 8080 192.168.242.133 - - [28/Jul/2018:17:52:23 +0800] "GET /123.html HTTP/1.0" 302 161 "-" "curl/7.29.0" "127.0.0.1" www.123.com 8080 192.168.242.133 - - [28/Jul/2018:18:06:21 +0800] "GET /123.html HTTP/1.0" 302 161 "-" "curl/7.29.0" "127.0.0.1, 192.168.242.133" www.123.com 8080 [root@centos-03 vhost]#
[root@centos-03 vhost]# curl -x127.0.0.1:8000 www.123.com/123.css1
<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.14.0</center>
</body>
</html>
[root@centos-03 vhost]# cat /tmp/123.com.log
127.0.0.1 - - [28/Jul/2018:17:09:52 +0800] "GET /123.html HTTP/1.1" 302 161 "-" "curl/7.29.0" "-" www.123.com 80
127.0.0.1 - - [28/Jul/2018:17:50:37 +0800] "GET HTTP://www.123.com/123.html HTTP/1.1" 302 161 "-" "curl/7.29.0" "-" www.123.com 8080
192.168.242.133 - - [28/Jul/2018:17:52:23 +0800] "GET /123.html HTTP/1.0" 302 161 "-" "curl/7.29.0" "127.0.0.1" www.123.com 8080
192.168.242.133 - - [28/Jul/2018:18:06:21 +0800] "GET /123.html HTTP/1.0" 302 161 "-" "curl/7.29.0" "127.0.0.1, 192.168.242.133" www.123.com 8080
192.168.242.133 - - [28/Jul/2018:18:31:14 +0800] "GET /123.css1 HTTP/1.0" 404 169 "-" "curl/7.29.0" "127.0.0.1, 192.168.242.133" www.123.com 8080
[root@centos-03 vhost]#
Nginx日志切割
https://coding.net/u/aminglinux/p/nginx/git/blob/master/log/rotate.md
如果任由访问日志写下去,日志文件会变得越来越大,甚至是写满磁盘。 所以,我们需要想办法把日志做切割,比如每天生成一个新的日志,旧的日志按规定时间删除即可。 实现日志切割可以通过写shell脚本或者系统的日志切割机制实现。
shell脚本切割Nginx日志
切割脚本内容: #!/bin/bash logdir=/var/log/nginx //定义日志路径 prefix=`date -d "-1 day" +%y%m%d` //定义切割后的日志前缀 cd $logdir for f in `ls *.log` do mv $f $f-$prefix //把日志改名 done /bin/kill -USR1 $(cat /usr/local/nginx/logs/nginx.pid 2>/dev/null) 2>/dev/null //生成新的日志 bzip2 *$prefix //压缩日志 find . -type f -mtime +180 |xargs /bin/rm -f //删除超过180天的老日志
系统日志切割机制
在/etc/logrotate.d/下创建nginx文件,内容为: /data/logs/*log { daily rotate 30 missingok notifempty compress sharedscripts postrotate /bin/kill -USR1 $(cat /usr/local/nginx/logs/nginx.pid 2>/dev/null) 2>/dev/null || : endscript } 说明: 1 nginx日志在/data/logs/目录下面,日志名字以log结尾 2 daily表示每天切割 3 rotate 30表示日志保留30天 4 missingok表示忽略错误 5 notifempty表示如果日志为空,不切割 6 compress表示压缩 7 sharedscripts和endscript中间可以引用系统的命令 8 postrotate表示当切割之后要执行的命令
实验:
1.日志切割不仅仅是访问日志、错误日志也应该切割,日志切割最好是把所有的日志集中在一个目录下,我们这里把所有的日志放到data/logs下
[root@centos-03 ~]# cd /usr/local/nginx/conf/vhost/ [root@centos-03 vhost]# mkdir /data/logs/ [root@centos-03 vhost]#
2.给每个虚拟主机配置日志文件
[root@centos-03 vhost]# vim 1.conf server { listen 8080; server_name www.123.com; index index.html; root /data/wwwroot/www.1.com; rewrite_log on; location / { rewrite /123.html /1.html redirect; error_log /data/logs/123.com.err.log debug; } location ~* '(css|js|png|jpg|gif|rar|mp4)$' { access_log off; #access_log /dev/null; } access_log /data/logs/123.com.acc.log main; }
3.测试是否生成新的日志文件
[root@centos-03 vhost]# /usr/local/nginx/sbin/nginx -t nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful [root@centos-03 vhost]# /usr/local/nginx/sbin/nginx -s reload [root@centos-03 vhost]# ls /data/logs/ 123.com.acc.log 123.com.err.log [root@centos-03 vhost]# curl -x127.0.0.1:8000 www.123.com/123 -I HTTP/1.1 404 Not Found Server: nginx/1.14.0 Date: Sat, 28 Jul 2018 13:03:47 GMT Content-Type: text/html Content-Length: 169 Connection: keep-alive [root@centos-03 vhost]#
[root@centos-03 vhost]# cd /data/logs/ [root@centos-03 logs]# ls 123.com.acc.log 123.com.err.log [root@centos-03 logs]# cat * 192.168.242.133 - - [28/Jul/2018:21:03:47 +0800] "HEAD /123 HTTP/1.0" 404 0 "-" "curl/7.29.0" "127.0.0.1, 192.168.242.133" www.123.com 8080 2018/07/28 21:03:47 [notice] 30143#0: *99 "/123.html" does not match "/123", client: 192.168.242.133, server: www.123.com, request: "HEAD /123 HTTP/1.0", host: "www.123.com" 2018/07/28 21:03:47 [error] 30143#0: *99 open() "/data/wwwroot/www.1.com/123" failed (2: No such file or directory), client: 192.168.242.133, server: www.123.com, request: "HEAD /123 HTTP/1.0"
, host: "www.123.com" [root@centos-03 logs]#
4.做日志切割
方法一:
[root@centos-03 logs]# vim /usr/local/nginx/sbin/log_rotate.sh #!/bin/bash logdir=/data/logs/ prefix=`date -d "-1 day" +%y%m%d` cd $logdir for f in `ls *.log` do mv $f $f-$prefix done /bin/kill -USR1 $(cat /usr/local/nginx/logs/nginx.pid 2>/dev/null) 2>/dev/null (USR1亦通常被用来告知应用程序重载配置文件;例如,向Apache HTTP服务器发送一个USR1信号将导致以下步骤的发生:停止接受新的连接,
等待当前连接停止,重新载入配置文件,重新打开日志文件,重启服务器,从而实现相对平滑的不关机的更改。) bzip2 *$prefix find . -type f -mtime +180 |xargs /bin/rm -f
[root@centos-03 logs]# sh -x /usr/local/nginx/sbin/log_rotate.sh + logdir=/data/logs/ ++ date -d '-1 day' +%y%m%d + prefix=180727 + cd /data/logs/ ++ ls 123.com.acc.log 123.com.err.log + for f in '`ls *.log`' + mv 123.com.acc.log 123.com.acc.log-180727 + for f in '`ls *.log`' + mv 123.com.err.log 123.com.err.log-180727 ++ cat /usr/local/nginx/logs/nginx.pid + /bin/kill -USR1 29709 + bzip2 123.com.acc.log-180727 123.com.err.log-180727 + xargs /bin/rm -f + find . -type f -mtime +180 [root@centos-03 logs]# ls 123.com.acc.log 123.com.err.log 123.com.acc.log-180727.bz2 123.com.err.log-180727.bz2 [root@centos-03 logs]#
[root@centos-03 logrotate.d]# crontab -e 0 0 * * * /bin/bash /usr/local/nginx/sbin/log_rotate.sh
方法二
[root@centos-03 logrotate.d]# cd /etc/logrotate.d/ [root@centos-03 logrotate.d]# vim nginx /data/logs/*log { daily rotate 30 missingok notifempty compress sharedscripts postrotate /bin/kill -USR1 $(cat /usr/local/nginx/logs/nginx.pid 2>/dev/null) 2>/de v/null || : endscript }