How to customize logging and enable log buffer in Nginx

Access Log

nginx writes information about client requests in the access log immediately after processing the request. By default, the access log is located in logs/access.log, and information is written to the log in a predefined combination format.

If you want to accurately record access information, you need to customize a more complete access log format, as shown below:

http {
  log_format geoproxy
  '[$time_local] $remote_addr '
  '$realip_remote_addr $remote_user '
  '$request_method $server_protocol '
  '$scheme $server_name $uri $status '
  '$request_time $body_bytes_sent '
  '$geoip_city_country_code3 $geoip_region '
  '"$geoip_city" $http_x_forwarded_for '
  '$upstream_status $upstream_response_time '
  '"$http_referer" "$http_user_agent"';
  ...
}

This log configuration is named geoproxy, which uses many nginx variables to Demonstrates nginx logging functionality. Detailed explanation of the specific meaning of each variable in the configuration options:

When the user initiates a request, the server time $time_local will be recorded, $remote_user value is the user name through basic authorization;

is used for nginx Process the ip address of the open connection and the client ip address of the geoip_proxy and realip_header instructions;

and then record the http request method $request_method, protocol $server_protocol and http method $scheme: http or https;

Of course, there is also the server name $server_name, the requested uri and the response status code;

In addition to the basic information, there are also some statistical result data: including the millisecond-level time of request processing $request_time, and the data block of the server response Size $body_bytes_sent;

In addition, the client's country $geoip_city_country_code3, region $geoip_region and city information $geoip_city are also recorded;

Variable $http_x_forwarded_for is used to record requests initiated by other proxy servers The x-forwarded-for header message of the request;

Some data in the upstream module is also recorded in the log: the response status code of the proxied server $upstream_status, the establishment of the connection and the last response body received from the upstream server Byte time $upstream_response_time , time to establish the connection to the upstream server $upstream_connect_time , time to establish the connection and get the first byte of response header from the upstream $upstream_header_time .

The request source $http_referer and the user agent $http_user_agent can also be recorded in the log;

nginx’s logging function is very powerful and flexible. It should be noted that: Used to define the log format The log_format directive only works within the http block-level directive, and all time values ​​are in milliseconds and measured with millisecond resolution. .

The log configuration in this format will generate the following types of logs:

[25/feb/2019:16:20:42 0000] 10.0.1.16 192.168.0.122 derek
get http/1.1 http / 200 0.001 370 usa mi
"ann arbor" - 200 0.001 "-" "curl/7.47.0"

If you need to use this log configuration , need to be used in conjunction with the access_log directive. The access_log directive receives a log directory and the configuration name used as parameters:

server {
  access_log /var/log/nginx/access.log geoproxy;
  ...
}

access_log can be used in multiple contexts, and each context can define its own log directory and log recording format. .

Conclusion: The log module in nginx allows configuring log formats for different scenarios in order to view different log files.

In practical applications, it is very useful to configure different logs for different contexts. The recorded log content can be simple information, or all necessary information can be recorded in detail. Not only that, in addition to supporting text

, the log content can also record data in json format and xml format. Actually nginx logs help you understand information such as server traffic, client usage, and client origin. In addition, access logs can also help you locate responses and issues related to the upstream server or specific URIs; access logs are also useful for testing, as they can be used to analyze traffic and simulate real user interaction scenarios. Logs are indispensable in troubleshooting, debugging, application analysis, and business adjustments.

Error log

In order to accurately locate the nginx error log, use the built-in error_log directive to define the error log directory and the level of recording the error log. The configuration is as follows :

error_log /var/log/nginx/error.log warn;

error_log directive configuration requires a required log directory and an optional error level option.

Except the if directive, the error_log directive can be used in all contexts. Error log levels include:

debug, info, notice, warn, error, crit, alert and emerg. The log

level order given is the log level order from the smallest to the most rigorous record. It should be noted that the debug log

needs to be used with the --with-debug flag when compiling the nginx server.

When there is an error in server configuration, you first need to check the error log to locate the problem. The error log

is also a useful tool for locating application servers (such as fastcgi services). Through the error log, we can debug worker process connection errors, memory allocation, client IP and application server issues. The error log format does not support custom log formats; however, it also records data such as the current time, log level, and specific information.

注意：错误日志的默认设置适用于全局。要覆盖它，请将 error_log 指令放在 main （顶级）配置上下文中。 error_log 在开源 nginx 1.5.2 版中添加了在同一配置级别指定多个指令的功能。

通过 syslog 将日志发送到统一服务器

既然不再需要将日志写到磁盘的某个目录，而是发送到统一的日志服务器，则将原有的目录部分替换为服务器 ip 即可，配置如下：

error_log syslog:server=10.0.1.42 debug;
access_log syslog:server=10.0.1.42,tag=nginx,severity=info geoproxy;

#error_log server=unix:/var/log/nginx.sock debug;
#access_log syslog:server=[2001:db8::1]:1234,facility=local7,tag=nginx,severity=info;

error_log 和 access_log 指令的 syslog 参数紧跟冒号 : 和一些参数选项。包括：必选的 server 标记表示需要连接的 ip、dns 名称或 unix 套接字；

可以使用如上注释的高端玩。

可选参数有 facility 、 severity 、 tag :

server 参数接收带端口的 ip 地址或 dns 名称；默认是 udp 514 端口。

facility 参数设置 syslog 的类型 facility ，值是 syslog rfc 标准定义的 23 个值中一个，默认值为 local7 。其他可能的值是： auth ， authpriv ， daemon ， cron ， ftp ， lpr ， kern ， mail ， news ， syslog ， user ， uucp ， local0 ... local7

tag 参数表示日志文件中显示时候的标题，默认值是 nginx 。

severity 设置消息严重程度，默认是 info 级别日志。

日志缓冲区

当系统处于负载状态时，启用日志缓冲区以降低 nginx worker 进程阻塞。大量的磁盘读写和 cpu 资源使用对于服务器资源也是一种巨大消耗。将日志数据缓冲到内存中可能是很小的一个优化手段， buffer 参数意义是缓冲区的大小，功能是当缓冲区已经写满时，日志会被写入文件中； flush 参数意义是缓冲区内日志在缓冲区内存中保存的最长时间，功能即当缓存中的日志超过最大缓存时间，也会被写入到文件中， 不足的地方即写入到日志文件的日志有些许延迟，即时调试中应当关闭日志缓冲。 。配置如下：

http {
  access_log /var/log/nginx/access.log main buffer=32k flush=1m;
}

The above is the detailed content of How to customize logging and enable log buffer in Nginx. For more information, please follow other related articles on the PHP Chinese website!