Through the log, you can know the user’s address, which parts of your website are most popular, the user’s browsing time, and targeted optimization for most users’ browsers.
Nginx’s logs are divided into: access log and error log
The access log records user information, page views, and user browsers, ips, and other access information.
Error log is to log the server error log
Log_format log format syntax
Log_format name (format name) format style (that is, what kind of log content you want to get)
'$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_s ent "$http_referer" '
hxff and htci are just for easy distinction. You can fill in any mark that you can distinguish, or ignore it at all.
126.96.36.199 - - [13/Oct/2018:21:17:20 -0600] hxff[-] htci[-] 127.0.0.1:9000 0.007 0.007 US nginxer.com GET /www/wwwroot/1.html HTTP/1.1 "200" 2888 "http://test.com" "es-ES,es;q=0.8" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.97 Safari/537.11"
188.8.131.52 - - [13/Oct/2018:21:17:20 -0600] hxff[-] htci[-] 127.0.0.1:9000 0.006 0.006 US nginxer.com GET /www/wwwroot/1.html HTTP/1.1 "200" 2888 "http://test.com" "es-ES,es;q=0.8" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.97 Safari/537.11"
From the above we can see a few pieces of information:
1. User client IP address. Such as: 184.108.40.206 in the above example
2. Access time. For example: [13/Oct/2018:21:17:20 -0600] in the above example
3. Access the port. Such as: 127.0.0.1: 9000 in the above example
4. Response time. Such as: 0.007 in the above example
5. Request time. Such as: 0.007 in the above example
6. User location code (country code). Such as: US (United States) in the above example
7. The host of the requested url address (target url address). Such as: nginxer.com in the above example
8. Request method (GET or POST, etc.). Such as: GET in the above example
9. Request the url address (remove the host part). For example: /www/wwwroot/test.html in the above example
10. Request status (status code, 200 means success, 404 means the page does not exist, 301 means permanent redirection, etc., the specific status code can find relevant articles on the Internet, no longer repeat). Such as: “200” in the above example
11. Request page size, default is B (byte). Such as: 2888 in the above example
12. The source page, from which page to the page, the professional name is called “referer”. For example: “http://a.com” in the above example
13. User browser language. For example: “es-ES, es;q=0.8” in the above example
14. Other information of the user’s browser, browser version, browser type, etc. For example: “Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.97 Safari/537.11”
In fact, the format of the nginx access log is not static and can be customized.
#access log format configuration, if you do not understand can correspond to the above parameters
Log_format main '$remote_addr - $remote_user [$time_local] '
'hxff[$http_x_forwarded_for] htci[$http_true_client_ip] '
'$upstream_addr $upstream_response_time $request_time '
'$http_host $request '
'"$status" $body_bytes_sent "$http_referer" '
'"$http_accept_language" "$http_user_agent" ';
#Configure the storage location and file of the access log log. Note: The access.log file can be divided by date, which is convenient for viewing and processing.
Access_log /home/logs/nginx/log/access.log main;
This article was first published by V on 2018-10-14 and can be reprinted with permission, but please be sure to indicate the original link address of the article :http://www.nginxer.com/records/nginx-access_log-log-analysis-and-configuration/