Nginx打印json日志

1.修改配置,在http{}中添加

log_format access_json '{"@timestamp":"$time_iso8601",'
                           '"host":"$server_addr",'
                           '"clientip":"$remote_addr",'
                           '"size":$body_bytes_sent,'
                           '"responsetime":$request_time,'
                           '"upstreamtime":"$upstream_response_time",'
                           '"upstreamhost":"$upstream_addr",'
                           '"http_host":"$host",'
                           '"url":"$uri",'
                           '"domain":"$host",'
                           '"xff":"$http_x_forwarded_for",'
                           '"referer":"$http_referer",'
                           '"status":"$status"}';
access_log  /var/log/nginx/access.log  access_json;

 

 

 2.重启

systemctl restart nginx

或者

nginx -s reload

3.访问,输出日志

{"@timestamp":"2019-10-12T18:41:48+08:00","host":"127.0.0.1","clientip":"127.0.0.1","size":0,"responsetime":0.000,"upstreamtime":"-","upstreamhost":"-","http_host":"localhost","url":"/index.html","domain":"localhost","xff":"-","referer":"-","status":"304"}

 

日志中变量的含义

log_format access_json '{"ts":"$fmt_localtime",'
                           '"server_addr":"$server_addr",'
                           '"request":"$request",'
                           '"http_accept_language":"$http_accept_language",'
                           '"http_user_agent":"$http_user_agent",'
                           '"remote_addr":"$remote_addr",'
                           '"body_bytes_sent,":$body_bytes_sent,'
                           '"request_time,":$request_time,'
                           '"request_length":$request_length,'
                           '"http_host":"$http_host",'
                           '"url":"$uri",'
                           '"host":"$host",'
                           '"http_x_forwarded_for":"$http_x_forwarded_for",'
                           '"http_referer":"$http_referer",'
                           '"status":"$status"}';

比如

{
"ts":"2019-10-14 16:02:19",
"server_addr":"127.0.0.1",
"request":"GET /index.html HTTP/1.1",
"http_accept_language":"zh-CN,en-US;q=0.7,en;q=0.3",
"http_user_agent":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:69.0) Gecko/20100101 Firefox/69.0",
"remote_addr":"127.0.0.1",
"body_bytes_sent,":0,
"request_time,":0.000,
"request_length":448,
"http_host":"localhost",
"url":"/index.html",
"host":"localhost",
"http_x_forwarded_for":"-",
"http_referer":"-",
"status":"304"
}

参考

https://www.iteye.com/blog/bit1129-2205848

参数含义

1.访问时间 ts
2.访问端口 server_addr
3.请求方式(GET或者POST等)request
4.用户浏览器语言。如:上例中的 "es-ES,es;q=0.8" http_accept_language
5.用户浏览器其他信息,浏览器版本、浏览器类型等 http_user_agent
6.客户端(用户)IP地址 remote_addr
7.发送给客户端的文件主体内容的大小 body_bytes_sent
8.整个请求的总时间 request_time
9.请求的长度(包括请求行,请求头和请求正文)request_length
10.请求的url地址(目标url地址)的host http_host
11.请求url地址(去除host部分) uri
12.host 与 http_host的区别在于当使用非80/443端口的时候,http_host = host:port host
13.客户端的真实ip,通常web服务器放在反向代理的后面,这样就不能获取到客户端的IP地址了,通 过$remote_add拿到的IP地址是反向代理服务器的iP地址。反向代理服务器在转发请求的http头信息中,可以增加 x_forwarded_for信息,用以记录原有客户端的IP地址和原来客户端的请求的服务器地址  http_x_forwarded_for
14.记录从哪个页面链接访问过来的(请求头Referer的内容)http_referer
15.请求状态(状态码,200表示成功)  status

posted @ 2019-10-12 18:44  tonglin0325  阅读(3428)  评论(0编辑  收藏  举报