需求
- 记录tcp 访问日志
- 只记录业务访问的日志,负载均衡器发起的探测端口存活的空数据包不记录;
- 连接完成后马上写入日志(方便调试),默认nginx会写入缓存,缓存满后写入日志;
环境
-
系统:centos7
-
nginx version: nginx/1.14.2
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-28) (GCC) built with OpenSSL 1.0.2k-fips 26 Jan 2017 TLS SNI support enabled configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib64/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-compat --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-mail --with-mail_ssl_module --with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module --with-cc-opt='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic -fPIC' --with-ld-opt='-Wl,-z,relro -Wl,-z,now -pie'
配置访问日志
-
log_format
定义日志格式
-
access_log
开启访问日志
排除探测记录
-
map $bytes_received $loggable
定义排除和记录规则,nginx内置变量$bytes_received 记录收到的字节数,如果为0,则 $loggable 为0;$loggable默认值为1。
-
access_log 后面增加 if=$loggable 使规则生效
连接完成马上写日志
- open log file_cache off
完整配置示例
### tcp listen
stream {
log_format proxy '$remote_addr - [$time_local] '
'$protocol $status $bytes_sent $bytes_received '
'$session_time "$upstream_addr" '
'"$upstream_bytes_sent" "$upstream_bytes_received" "$upstream_connect_time" '
'$remote_addr $remote_port $server_addr $server_port';
map $bytes_received $loggable {
0 0;
default 1;
}
access_log /var/log/nginx/tcp-access.log proxy if=$loggable ;
open_log_file_cache off;
include /etc/nginx/conf.d/*.stream;
}
参考来源
以上就是本文的全部内容,希望本文的内容对大家的学习或者工作能带来一定的帮助,也希望大家多多支持 码农网
猜你喜欢:
- Nginx 配置 Https 免费证书访问
- nginx配置ssl实现https访问 小白文
- Nginx配置http跳转https 强制https访问
- Ubuntu Nginx下配置ssl实现https访问
- DuiC 配置中心 1.2.1 发布,增加 IP 访问权限控制
- nginx配置 vue打包后的项目 解决刷新页面404问题|nginx配置多端访问
本站部分资源来源于网络,本站转载出于传递更多信息之目的,版权归原作者或者来源机构所有,如转载稿涉及版权问题,请联系我们。
The Linux Command Line
William E. Shotts Jr. / No Starch Press, Incorporated / 2012-1-17 / USD 39.95
You've experienced the shiny, point-and-click surface of your Linux computer-now dive below and explore its depths with the power of the command line. The Linux Command Line takes you from your very ......一起来看看 《The Linux Command Line》 这本书的介绍吧!
