这里直接讲操作流程一会再补充。
1,nginx日志分割:
1.1 写脚本
1.1.1 创建文件/opt/nginx/splitLog.sh
1.1.2 设置文件可执行
chmod +x /opt/nginx/splitLog.sh
1.1.2 splitLog.sh内容
# /bin/bash
# 日志保存位置
base_path='/usr/local/nginx/logs'
# 获取当前年信息和月信息
log_path=$(date -d yesterday +"%Y%m")
# 获取昨天的日信息
day=$(date -d yesterday +"%Y%m%d")
# 按年月创建文件夹
mkdir -p $base_path/$log_path
# 备份昨天的日志到当月的文件夹
mv $base_path/access.log $base_path/$log_path/access_$day.log
mv $base_path/error.log $base_path/$log_path/error_$day.log
# 输出备份日志文件名
# echo $base_path/$log_path/access_$day.log
# 通过Nginx信号量控制重读日志
kill -USR1 `cat /usr/local/nginx/logs/nginx.pid`
1.2 设置定时任务,每天0点执行脚本
crontab -e
0 0 * * * bash /opt/nginx/splitLog.sh
2,nginx日志优化,目标方便elk收集统计
2.1 修改nginx配置文件,请注意map,log_format ,access_log的配置
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
map $http_x_forwarded_for $clientRealIp {
"" $remote_addr;
~^(?P<firstAddr>[0-9\.]+),?.*$ $firstAddr;
}
log_format nginx_log_json '{"accessip_list":"$proxy_add_x_forwarded_for","client_ip&