一、nginx访问日志
[root@lnmp ~]# vim /usr/local/nginx/conf/nginx.conf (修改Nginx的配置文件)
搜索/log_format (log_format后面跟的combined_realip是一个自定义名字,用来定义整个日志格式,这里写什么,虚拟配置文件后面就可以加上什么,我这里将combined_realip修改为lty)
log_format lty 'remoteaddrhttp_x_forwarded_for [$time_local]'
' host"request_uri" $status'
' "httpreferer""http_user_agent"';
[root@lnmp ~]# vim /usr/local/nginx/conf/vhost/test.com.conf (修改虚拟机文件)
access_log /tmp/test.com.log lty; (增加一行,lty是刚在主配置文件里写的日志格式)
检查语法错误并且重新加载配置文件:
[root@lnmp ~]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@lnmp ~]# /usr/local/nginx/sbin/nginx -s reload
检测;
[root@lnmp ~]# curl -x127.0.0.1:80 test2.com/admin/1.php -I
HTTP/1.1 301 Moved Permanently
Server: nginx/1.8.0
Date: Thu, 14 Dec 2017 05:32:49 GMT
Content-Type: text/html
Content-Length: 184
Connection: keep-alive
Location: http://test.com/admin/1.php
[root@lnmp ~]# curl -x127.0.0.1:80 test.com/admin/1.php
touch file.php
[root@lnmp ~]# cat /tmp/test.com.log (查看日志)
127.0.0.1 - [14/Dec/2017:13:32:49 +0800] test2.com "/admin/1.php" 301 "-" "curl/7.29.0"
127.0.0.1 - [14/Dec/2017:13:33:10 +0800] test.com "/admin/1.php" 200 "-" "curl/7.29.0"
二、nginx的日志切割
nginx日志切割
nginx没有像httpd一样,自己带有切割工具,则需要借助系统的切割工具或者自己写一个切割的脚本
[root@lnmp ~]# vim /usr/local/sbin/nginx_log_rotate.sh (写一个自主切割的脚本)
#!/bin/bash
#假设nginx的日志存放路径为/data/logs/
d=`date -d "-1 day" +%Y%m%d` (生成一个年月日day -1的日期,(昨天的日期))
logdir="/tmp/" (定义logdir为/tmp)
nginx_pid="/usr/local/nginx/logs/nginx.pid" (给Nginx.pid定义一个变量,为下面命令做准备)
cd $logdir (进入到logdir中)
for log in `ls *.log` (做一个for循环,ls当前目录下所有以.log文件为结尾的文件)
do
mv loglog-$d (把以log为结尾的日志名都改成log---日期)
done
/bin/kill -HUP `cat $nginx_pid` (重新启动nginx_pid进程,重新生成一个test.com.log文件)
执行脚本:
[root@lnmp ~]# sh -x /usr/local/sbin/nginx_log_rotate.sh
++ date -d '-1 day' +%Y%m%d
+ d=20171213
+ logdir=/tmp/
+ nginx_pid=/usr/local/nginx/logs/nginx.pid
+ cd /tmp/
++ ls test.com.log
+ for log in '`ls *.log`'
+ mv test.com.log test.com.log-20171213
++ cat /usr/local/nginx/logs/nginx.pid
+ /bin/kill -HUP 1157
[root@lnmp ~]# ll /tmp/
srwxrwxrwx. 1 mysql mysql 0 12月 14 11:56 mysql.sock
srw-rw-rw-. 1 root root 0 12月 14 11:55 php-fcgi.sock
drwx------. 3 root root 17 12月 14 11:55 systemd-private-50670dd070a94a6f85f2f82feb779c46-vmtoolsd.service-vZTOZz
-rw-r--r--. 1 root root 0 12月 14 13:54 test.com.log
-rw-r--r--. 1 root root 0 12月 14 13:54 test.com.log-20171213
最后一步,添加任务计划:
[root@lnmp ~]# crontab -e
no crontab for root - using an empty one
0 0 * * * /bin/bash /usr/local/sbin/nginx_log_rotate.sh (添加一行)
三、静态文件不记录日志
[root@lnmp ~]# vim /usr/local/nginx/conf/vhost/test.com.conf
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ (以gif,jpg,jpeg,png,bmp,swf结尾的文件保存7天,并且不记录日志)
{
expires 7d;
access_log off;
}
location ~ .*\.(js|css)$
{
expires 12h; (以js,css结尾的文件保存12小时,并且不记录日志)
access_log off;
}
检查语法并且重新加载配置文件:
[root@lnmp ~]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@lnmp ~]# /usr/local/nginx/sbin/nginx -s reload
证明:分别访问了以gif,js,html为结尾的3个文件,发现日志里只记录了html为结尾的访问信息。
[root@lnmp ~]# curl -x127.0.0.1:80 test.com/1.gif
dasdasdafasdfaf
[root@lnmp ~]# curl -x127.0.0.1:80 test.com/2.js
fdasfsadfasdfzczv
[root@lnmp ~]# curl -x127.0.0.1:80 test.com/index.html
test.com
[root@lnmp ~]# cat /tmp/test.com.log
127.0.0.1 - [14/Dec/2017:14:30:40 +0800] test.com "/index.html" 200 "-" "curl/7.29.0"
