【2018.06.08学习笔记】【linux高级知识 12.10-12.12】

2019独角兽企业重金招聘Python工程师标准>>> hot3.png

12.10 Nginx访问日志

日志格式,是在nginx.conf下定义的:

[root@localhost ~]# vim /usr/local/nginx/conf/nginx.conf

user nobody nobody;
worker_processes 2;
error_log /usr/local/nginx/logs/nginx_error.log crit;
pid /usr/local/nginx/logs/nginx.pid;
worker_rlimit_nofile 51200;
http
{
    log_format combined_realip '$remote_addr $http_x_forwarded_for [$time_local]'
    ' $host "$request_uri" $status'
    ' "$http_referer" "$http_user_agent"';
}
//combined_realip:可定义的日志格式名
//$remote_addr:客户端ip(公网)
//$http_x_forwarded_for:代理服务器ip
//$time_local:服务器本地时间
//$host:访问主机的域名
//$request_uri:访问的url地址,域名+后面一串字符就叫url
//$status:状态码
//$http_referer:referer
//$http_user_agent:用户agent

定义好日志格式后,需在虚拟主机配置文件里加一段配置记录访问日志

server
{
   listen 80;
   server_name test.com test1.com test2.com;
   index index.html index.php;
   root /data/wwwroot/test.com;
  # location /
  # {
  #   auth_basic "Auth";
  #   auth_basic_user_file /usr/local/nginx/conf/htpasswd;
  # }
   if ($host != 'test.com')
   {
      rewrite ^(.*)/(.*)$ http://test.com/$2 permanent;
   }
  access_log /tmp/test.com.log combined_realip;
}
[root@localhost ~]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@localhost ~]# /usr/local/nginx/sbin/nginx -s reload
//测试验证访问日志的记录
[root@localhost ~]# curl -x127.0.0.1:80 test.com/1.txt
echo "this is test page!"
[root@localhost ~]# curl -x127.0.0.1:80 test2.com/1.txt

301 Moved Permanently

301 Moved Permanently


nginx/1.14.0
[root@localhost ~]# cat /tmp/test.com.log 127.0.0.1 - [10/Jun/2018:14:42:47 +0800] test2.com "/" 301 "-" "curl/7.29.0" 127.0.0.1 - [10/Jun/2018:14:43:00 +0800] test.com "/" 403 "-" "curl/7.29.0" 127.0.0.1 - [10/Jun/2018:14:43:27 +0800] test.com "/1.txt" 200 "-" "curl/7.29.0" 127.0.0.1 - [10/Jun/2018:14:43:38 +0800] test2.com "/1.txt" 301 "-" "curl/7.29.0"

12.11 Nginx日志切割

Nginx不像Apache一样自带有日志切割的工具,我们要编写shell脚本实现日志切割功能:

[root@localhost ~]# vim /usr/local/nginx/conf/vhost/nginx_log_rotate.sh

#! /bin/bash
## 假设nginx的日志存放路径为/data/logs/
d=`date -d "-1 day" +%Y%m%d`    //定义一个时间,是昨天的日期
logdir="/tmp/"    //定义访问日志目录
nginx_pid="/usr/local/nginx/logs/nginx.pid"  //pid文件
cd $logdir   //进入日志目录
for log in `ls *.log`   //在日志目录里ls log后缀的文件,在ls的结果序列里循环操作
do
    mv $log $log-$d   //改名,把原来日志改成 带日期的名字。
done
/bin/kill -HUP `cat $nginx_pid`   //cat pid,就是nginx的进程号。kill -HUP是重新加载配置,而不用重启服务。
##add cron
#0 0 * * * /bin/bash /usr/local/nginx/conf/vhost/nginx_log_rotate.sh

//执行脚本测试
[root@localhost ~]# ls /tmp/
mysql.sock     systemd-private-3d1fb3a4802645c59cfef8920b56ddf0-chronyd.service-VYHBwZ   test.com.log
pear           systemd-private-3d1fb3a4802645c59cfef8920b56ddf0-vgauthd.service-Nc0aOg
php-fcgi.sock  systemd-private-3d1fb3a4802645c59cfef8920b56ddf0-vmtoolsd.service-1OJc7x

[root@localhost ~]# vim /usr/local/nginx/conf/vhost/nginx_log_rotate.sh 
[root@localhost ~]# sh -x /usr/local/nginx/conf/vhost/nginx_log_rotate.sh 
++ date -d '-1 day' +%Y%m%d
+ d=20180609
+ logdir=/tmp/
+ nginx_pid=/usr/local/nginx/logs/nginx.pid
+ cd /tmp/
++ ls test.com.log
+ for log in '`ls *.log`'
+ mv test.com.log test.com.log-20180609
++ cat /usr/local/nginx/logs/nginx.pid
+ /bin/kill -HUP 4096

[root@localhost ~]# ls /tmp/
mysql.sock     systemd-private-3d1fb3a4802645c59cfef8920b56ddf0-chronyd.service-VYHBwZ   test.com.log
pear           systemd-private-3d1fb3a4802645c59cfef8920b56ddf0-vgauthd.service-Nc0aOg   test.com.log-20180609
php-fcgi.sock  systemd-private-3d1fb3a4802645c59cfef8920b56ddf0-vmtoolsd.service-1OJc7x

//还可以做任务计划,每天执行这个脚本
[root[@localhost](https://my.oschina.net/u/570656) ~]# crontab -e
no crontab for root - using an empty one

0 0 * * * /bin/bash /usr/local/nginx/conf/vhost/nginx_los_rotate.sh
// 清理30天前的日志:
find /tmp/ -name *.log -type f -mtime +30|xargs rm

12.12 静态文件不记录日志和过期时间

在vhost的conf文件里加入配置段:

[root@localhost ~]# vim /usr/local/nginx/conf/vhost/test.com.conf 

{
   listen 80;
   index index.html index.php;
   root /data/wwwroot/test.com;
  # location /
  # {
  #   auth_basic "Auth";
  #   auth_basic_user_file /usr/local/nginx/conf/htpasswd;
  # } 
    
   location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$  //匹配正则表达式,包含gif等文件后缀的url
   {
     expires 7d;  // 过期时间7天
     access_log off;  //关闭访问日志功能
   } 
   
   location ~ .*\.(js|css)$
   {
     expires 12h;
     access_log off;
   } 
   
[root@localhost ~]# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@localhost ~]# /usr/local/nginx/sbin/nginx -s reload

//测试验证不记录访问日志:没记录gif和css的访问日志。
[root@localhost test.com]# curl -x127.0.0.1:80 test.com/1.txt
echo "this is test page!"
[root@localhost test.com]# curl -x127.0.0.1:80 test.com/1.gif
"this is a gif file"
[root@localhost test.com]# curl -x127.0.0.1:80 test.com/2.css
"this is css file" 
[root@localhost test.com]# cat /tmp/test.com.log
127.0.0.1 - [10/Jun/2018:15:18:14 +0800] test.com "/1.txt" 200 "-" "curl/7.29.0"

//测试过期时间:包含Cache-Control: max-age=43200 
[root@localhost test.com]# curl -x127.0.0.1:80 test.com/2.css -I
HTTP/1.1 200 OK
Server: nginx/1.14.0
Date: Sun, 10 Jun 2018 07:20:12 GMT
Content-Type: text/css
Content-Length: 20
Last-Modified: Sun, 10 Jun 2018 07:17:26 GMT
Connection: keep-alive
ETag: "5b1cd086-14"
Expires: Sun, 10 Jun 2018 19:20:12 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes

转载于:https://my.oschina.net/u/3804114/blog/1827592

你可能感兴趣的:(运维,操作系统,开发工具)