收集Nginx的json格式日志(五)

一.配置nginx

[root@linux-node1 ~]# vim /etc/nginx/nginx.conf
#修改日志格式为json格式,并创建一个nginxweb的网站目录
log_format access_json '{"@timestamp":"$time_iso8601",'
                           '"host":"$server_addr",'
                           '"clientip":"$remote_addr",'
                           '"size":$body_bytes_sent,'
                           '"responsetime":$request_time,'
                           '"upstreamtime":"$upstream_response_time",'
                           '"upstreamhost":"$upstream_addr",'
                           '"http_host":"$host",'
                           '"url":"$uri",'
                           '"domain":"$host",'
                           '"xff":"$http_x_forwarded_for",'
                           '"referer":"$http_referer",'
                           '"status":"$status"}';
    access_log  /var/log/nginx/access.log  access_json;

        location /nginxweb {
                root html;
                index index.html index.htm;
        }
[root@linux-node1 ~]# mkdir /usr/share/nginx/html/nginxweb
[root@linux-node1 ~]# echo "<h1> welcome to use Nginx" > /usr/share/nginx/html/nginxweb/index.html
[root@linux-node1 ~]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@linux-node1 ~]# systemctl start nginx

 

二、配置logstash

# vim /etc/logstash/conf.d/nginxlog.conf
input{
    file {
        path => "/var/log/nginx/access.log"
        type => "nginx-access-log"
        start_position => "beginning"
        stat_interval => "2"
    }

}

output{
   elasticsearch {
        hosts => ["10.0.0.22:9200"]
        index => "logstash-nginx-access-log-%{+YYYY.MM.dd}"
   }
}

三、Kibana展示

[[root@saltstack02 ~]# ab -n1000 -c 100 http://10.0.0.22/nginxweb/index.html    #对页面压测
  
[root@saltstack02 conf.d]# tailf /var/log/nginx/access.log    #nginx的访问日志变成了json格式
{"@timestamp":"2018-06-20T19:14:30+08:00","host":"10.0.0.22","clientip":"10.0.0.22","size":26,"responsetime":0.000,"upstreamtime":"-","upstreamhost":"-","http_host":"10.0.0.22","url":"/nginxweb/index.html","domain":"10.0.0.22","xff":"-","referer":"-","status":"200"}
{"@timestamp":"2018-06-20T19:14:30+08:00","host":"10.0.0.22","clientip":"10.0.0.22","size":26,"responsetime":0.000,"upstreamtime":"-","upstreamhost":"-","http_host":"10.0.0.22","url":"/nginxweb/index.html","domain":"10.0.0.22","xff":"-","referer":"-","status":"200"}
{"@timestamp":"2018-06-22T09:10:42+08:00","host":"10.0.0.22","clientip":"10.0.0.1","size":26,"responsetime":0.000,"upstreamtime":"-","upstreamhost":"-","http_host":"10.0.0.22","url":"/nginxweb/index.html","domain":"10.0.0.22","xff":"-","referer":"-","status":"200"}

Head插件查看:

 

  

  

 

posted @ 2018-06-22 10:59  jimmy_xuli  阅读(343)  评论(0编辑  收藏  举报