LNMP架構訪問日誌、日誌切割、靜態檔案不記錄及過期時間設定
阿新 • • 發佈:2018-11-28
11月27日任務
12.10 Nginx訪問日誌
12.11 Nginx日誌切割
12.12 靜態檔案不記錄日誌和過期時間
Nginx訪問日誌
- 修改nginx配置檔案
[[email protected] vhost]# vim /usr/local/nginx/conf/nginx.conf # 搜尋:/log_format # 在nginx中以;作為一行的結尾,所以下列程式碼時一個配置 # 格式:“log_format 日誌格式名 格式;” log_format test '$remote_addr $http_x_forwarded_for [$time_local]' ' $host "$request_uri" $status' ' "$http_referer" "$http_user_agent"';
格式內使用的變數說明如下:
變數名 | 說明 |
---|---|
$remote_addr | 客戶端ip(公網ip) |
$http_x_forwarded_for | 代理伺服器的ip |
$time_local | 伺服器本地時間 |
$host | 訪問主機名(域名) |
$request_uri | 訪問的url地址 |
$status | 狀態碼 |
$http_referer | referer |
$http_user_agent | user_agent |
- 在虛擬主機內定義日誌路徑
# 在server塊內插入
access_log /tmp/test.com.log test;
# 格式為access_log 日誌存放路徑 日誌格式名(主配置檔案內定義的)
- 重啟服務
[[email protected] vhost]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[ [email protected] vhost]# /usr/local/nginx/sbin/nginx -s reload
- 驗證效果
[[email protected] vhost]# curl -x 127.0.0.1:80 test.com
[[email protected] vhost]# curl -x 127.0.0.1:80 test2.com/index.php
[[email protected] vhost]# curl -x 127.0.0.1:80 test2.com/index1.php
# 成功記錄
[[email protected] vhost]# cat /tmp/test.com.log
127.0.0.1 - [...:19:05:22 +0800] test.com "/" 401 "-" "curl/7.29.0"
127.0.0.1 - [...:19:05:34 +0800] test2.com "/index.php" 301 "-" "curl/7.29.0"
127.0.0.1 - [...:19:05:39 +0800] test2.com "/index1.php" 301 "-" "curl/7.29.0"
Nginx日誌切割
nginx沒有apache內的rotatelog
日誌切割命令,我們可以通過自定義shell指令碼來實現日誌切割的功能。
- 建立自定義指令碼
[[email protected] vhost]# vim /usr/local/sbin/nginx_log_rotate.sh
[[email protected] vhost]# cat /usr/local/sbin/nginx_log_rotate.sh
#!/bin/bash
# date +%Y%m%d 顯示的是今天的日期
# 加上 -d "-1 day" 顯示的是昨天的日期
d=`date -d "-1 day" +%Y%m%d`
# 定義日誌存放的路徑,虛擬主機配置檔案內定義
logdir="/tmp"
# pid檔案
nginx_pid="/usr/local/nginx/logs/nginx.pid"
cd $logdir
# 在日誌存放路徑下迴圈更改日誌檔名
for log in `ls *.log`
do
mv $log $log-$d
done
# 在不關閉程序前提下重啟,等價於nginx -s reload
/bin/kill -HUP `cat $nginx_pid`
- 指令碼測試
# sh -x 可以顯示指令碼執行的過程
[[email protected] vhost]# sh -x /usr/local/sbin/nginx_log_rotate.sh
++ date -d '-1 day' +%Y%m%d
+ d=20180102
+ logdir=/tmp
+ nginx_pid=/usr/local/nginx/logs/nginx.pid
+ cd /tmp
++ ls test.com.log
+ for log in '`ls *.log`'
+ mv test.com.log test.com.log-20180102
++ cat /usr/local/nginx/logs/nginx.pid
+ /bin/kill -HUP 1299
# 檢視是否實現功能
[[email protected] vhost]# ls /tmp/*.log*
/tmp/test.com.log /tmp/test.com.log-20180102
- 配合crontab命令週期性執行
[[email protected] vhost]# crontab -e
0 0 * * * /bin/bash /usr/local/sbin/nginx_log_rotate.sh
靜態檔案不記錄日誌和過期時間
- 修改虛擬主機配置檔案
[[email protected] vhost]# vim /usr/local/nginx/conf/vhost/test.com.conf
# ~ 匹配後續的正則表示
# 使用\轉義.,匹配.jpg等檔案
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
# expires設定過期時間
expires 7d;
# 關閉日誌記錄
access_log off;
}
location ~ .*\.(css|js)$
{
expires 12h;
access_log off;
}
- 測試
- 驗證靜態檔案不記錄日誌
[[email protected] vhost]# curl -x 127.0.0.1:80 test.com/index.php
<html>
<head><title>401 Authorization Required</title></head>
<body bgcolor="white">
<center><h1>401 Authorization Required</h1></center>
<hr><center>nginx/1.12.2</center>
</body>
</html>
[[email protected] vhost]# curl -x 127.0.0.1:80 test.com/1.gif
jhasdifhoai
[[email protected] vhost]# curl -x 127.0.0.1:80 test.com/2.js
abdsuofghan
# gif/js檔案日誌未記錄訪問日誌
[[email protected] vhost]# cat /tmp/test.com.log
127.0.0.1 - [...:19:36:25 +0800] test.com "/index.php" 401 "-" "curl/7.29.0"
- 驗證過期時間
- 測試gif的過期時間
[[email protected] vhost]# curl -x 127.0.0.1:80 test.com/1.gif -I
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Wed, ... 11:36:52 GMT
Content-Type: image/gif
Content-Length: 12
Last-Modified: Wed, ... 11:35:29 GMT
Connection: keep-alive
ETag: "5a4cc001-c"
Expires: Wed, ... 11:36:52 GMT
# 資訊內顯示max-age時間
Cache-Control: max-age=604800
Accept-Ranges: bytes
- 測試js檔案的過期時間
[[email protected] vhost]# curl -x 127.0.0.1:80 test.com/2.js -I
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Wed, ... 11:36:58 GMT
Content-Type: application/javascript
Content-Length: 12
Last-Modified: Wed, ... 11:35:44 GMT
Connection: keep-alive
ETag: "5a4cc010-c"
Expires: Wed, ... 23:36:58 GMT
# 資訊內顯示max-age時間
Cache-Control: max-age=43200
Accept-Ranges: bytes
- 測試PHP檔案,沒有max-age資訊
[[email protected] vhost]# curl -x 127.0.0.1:80 test.com/index.php
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Wed, ... 11:46:58 GMT
Content-Type: application/octet-stream
Content-Length: 19
Last-Modified: Wed, ... 11:36:44 GMT
Connection: keep-alive
ETag: "5a4e1572-13"
Accept-Ranges: bytes