ELK企业应用-elk监控nginx(一)nginx格式配置
1、概述
Nignx日志主要有access和error两种日志,access中记录客户访问的所有记录,可根据需要并按照一定的格式配置不同参数以获取不同要的信息,以便于分析和统计。
nginx日志格式配置
建议配置如下:
log_format main '$remote_addr - $remote_user [$time_local] $http_host $request_method "$uri" "$query_string" '
'$status $body_bytes_sent "$http_referer" $upstream_status $upstream_addr $request_time $upstream_response_time '
'"$http_user_agent" "$http_x_forwarded_for"' ;
2、测试环境搭建
为了快速,全yum安装,配置文件全部默认
yum install nginx php php-fpm php-web -y
3、配置
3.1.配置主文件
vim /etc/nginx/nginx.conf
###########################################3
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
############定义日志格式 log_format
log_format main '$remote_addr - $remote_user [$time_local] $http_host $request_method "$uri" "$query_string" '
'$status $body_bytes_sent "$http_referer" $upstream_status $upstream_addr $request_time $upstream_response_time '
'"$http_user_agent" "$http_x_forwarded_for"' ;
access_log /var/log/nginx/access.log main; #####定义access.log格式为main
error_log /var/log/nginx/error.log; #####定义error.log格式默认
sendfile on;
keepalive_timeout 65;
include vhost/*.conf; ######指定配置文件包含/etc/nginx/vhost 下所有.conf文件
}
3.2.创建vhost目录
mkdir /etc/nginx/vhost -p
3.3.编辑两个测试配置文件:a.conf,b.conf
vim /etc/nginx/vhost/a.conf
######################################
server {
listen 80;
server_name localhost;
access_log /var/log/nginx/a.access.log main;######指定access.log文件位置与格式
error_log /var/log/nginx/a.error.log;#####指定error.log文件位置
location / {
root html/a; ######指定网页文件
index index.php index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
#error_page 500 502 503 504 /50x.html;
#location = /50x.html {
# root html;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
include fastcgi_params;
}
}
vim /etc/nginx/vhost/b.conf
server {
listen 81;
server_name localhost;
access_log /var/log/nginx/b.access.log main;
error_log /var/log/nginx/b.error.log;
location / {
root html/b;
index index.php index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
#error_page 500 502 503 504 /50x.html;
#location = /50x.html {
# root html;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
include fastcgi_params;
}
}
3.4.编辑网页测试文件
mkdir -p /usr/share/nginx/html/a
mkdir -p /usr/share/nginx/html/b
echo 'hello word' > /usr/share/nginx/html/a/index.html
echo '<?phpinfo()?>' > /usr/share/nginx/html/b/index.php
4、检查
/usr/sbin/nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
5、启动
systemctl restart nginx.service
systemctl start php-fpm.service
6、检查
6.1.检查端口
[root@l html]# netstat -lntup
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:9000 0.0.0.0:* LISTEN 3031/php-fpm: maste
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 6745/nginx: master
tcp 0 0 0.0.0.0:81 0.0.0.0:* LISTEN 6745/nginx: master
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 970/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1103/master
tcp6 0 0 :::22 :::* LISTEN 970/sshd
tcp6 0 0 ::1:25 :::* LISTEN 1103/master
6.2.检查网页
访问80端口,页面正常
访问81端口,页面失败,但失败日志也会记录
6.3.检查日志
cat /var/log/nginx/a.access.log #########日志记录
10.0.0.1 - - [21/Sep/2018:15:44:00 +0800] 10.0.0.133 GET "/index.html" "-" 304 0 "-" - - 0.000 - "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" "-"
[root@l html]# cat /var/log/nginx/a.error.log ######无错误
[root@l html]#
[root@l html]# cat /var/log/nginx/b.access.log ##########错误日志也会记录
10.0.0.1 - - [21/Sep/2018:15:45:21 +0800] 10.0.0.133:81 GET "/index.php" "-" 404 27 "-" 404 127.0.0.1:9000 0.009 0.009 "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36" "-"
[root@l html]# cat /var/log/nginx/b.error.log #######错误日志记录
2018/09/21 15:45:21 [error] 6747#0: *9 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 10.0.0.1, server: localhost, request: "GET / HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "10.0.0.133:81"
[root@l html]#
可以对比到b.access.log与b.error.log格式,说明格式配置成功。