apache訪問日誌管理
阿新 • • 發佈:2017-12-22
apache訪問日誌管理1.訪問日誌
在之前的虛擬主機配置文件中,有兩行日誌相關的配置,末尾的combined是日誌的格式類型
ErrorLog "logs/111.com-error_log" CustomLog "logs/111.com-access_log" combined
在apache的主配置文件中定義了如下的日誌格式
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined LogFormat "%h %l %u %t \"%r\" %>s %b" common
/usr/local/apache2.4/logs/111.com-access_log中記錄了主機111.com的訪問記錄,combined模式的日誌如下:
[root@test_01 ~]# cat /usr/local/apache2.4/logs/111.com-access_log 192.168.231.128 - - [21/Dec/2017:00:22:13 +0800] "GET HTTP://111.com/ HTTP/1.1" 200 8 127.0.0.1 - - [21/Dec/2017:20:02:16 +0800] "HEAD HTTP://111.com/ HTTP/1.1" 401 - 127.0.0.1 - - [21/Dec/2017:20:11:22 +0800] "HEAD HTTP://111.com/ HTTP/1.1" 401 - 127.0.0.1 - - [21/Dec/2017:20:16:12 +0800] "HEAD HTTP://111.com/ HTTP/1.1" 401 - 192.168.231.1 - - [21/Dec/2017:20:18:16 +0800] "GET / HTTP/1.1" 401 381 192.168.231.1 - wennan [21/Dec/2017:20:18:51 +0800] "GET / HTTP/1.1" 401 381 192.168.231.1 - wennan [21/Dec/2017:20:18:59 +0800] "GET / HTTP/1.1" 200 8 192.168.231.1 - wennan [21/Dec/2017:20:18:59 +0800] "GET /favicon.ico HTTP/1.1" 404 209 192.168.231.1 - wennan [21/Dec/2017:20:19:15 +0800] "GET / HTTP/1.1" 200 8 192.168.231.1 - wennan [21/Dec/2017:20:22:00 +0800] "GET / HTTP/1.1" 200 8 192.168.231.1 - wennan [21/Dec/2017:20:38:38 +0800] "GET / HTTP/1.1" 200 8 192.168.231.1 - wennan [21/Dec/2017:20:40:23 +0800] "GET / HTTP/1.1" 200 8 192.168.231.1 - wennan [21/Dec/2017:20:40:32 +0800] "GET / HTTP/1.1" 200 8 192.168.231.1 - wennan [21/Dec/2017:20:40:59 +0800] "GET / HTTP/1.1" 200 8 192.168.231.1 - wennan [21/Dec/2017:20:41:11 +0800] "GET / HTTP/1.1" 200 8 192.168.231.128 - wennan [21/Dec/2017:20:43:25 +0800] "HEAD HTTP://111.com/ HTTP/1.1" 200 - 192.168.231.1 - wennan [21/Dec/2017:20:51:55 +0800] "GET / HTTP/1.1" 200 8 192.168.231.1 - wennan [21/Dec/2017:20:52:04 +0800] "GET /123.php HTTP/1.1" 500 - 127.0.0.1 - - [21/Dec/2017:20:53:11 +0800] "HEAD HTTP://111.com/ HTTP/1.1" 200 - 127.0.0.1 - - [21/Dec/2017:20:53:21 +0800] "HEAD HTTP://111.com/123.php HTTP/1.1" 401 - 192.168.231.128 - wennan [21/Dec/2017:20:53:36 +0800] "HEAD HTTP://111.com/123.php HTTP/1.1" 200 - 192.168.231.128 - wennan [21/Dec/2017:20:54:07 +0800] "GET HTTP://111.com/123.php HTTP/1.1" 200 29 192.168.231.1 - wennan [21/Dec/2017:20:54:14 +0800] "GET /123.php HTTP/1.1" 200 29 192.168.231.128 - - [21/Dec/2017:22:05:24 +0800] "HEAD HTTP://2111.com.cn/ HTTP/1.1" 301 - 192.168.231.128 - - [21/Dec/2017:22:58:50 +0800] "HEAD HTTP://2111.com.cn/ HTTP/1.1" 301 - 192.168.231.128 - - [21/Dec/2017:22:58:54 +0800] "HEAD HTTP://2111.com.cn/ HTTP/1.1" 301 - 192.168.231.128 - - [21/Dec/2017:22:58:55 +0800] "HEAD HTTP://2111.com.cn/ HTTP/1.1" 301 - 192.168.231.128 - - [21/Dec/2017:23:00:48 +0800] "HEAD HTTP://2111.com.cn/ HTTP/1.1" 301 - "-" "curl/7.29.0" 192.168.231.128 - - [21/Dec/2017:23:00:49 +0800] "HEAD HTTP://2111.com.cn/ HTTP/1.1" 301 - "-" "curl/7.29.0"
2.不記錄指定類型的文件
①在虛擬主機配置文件中加入如下內容:
SetEnvIf Request_URI ".*\.gif$" img SetEnvIf Request_URI ".*\.jpg$" img SetEnvIf Request_URI ".*\.png$" img SetEnvIf Request_URI ".*\.bmp$" img SetEnvIf Request_URI ".*\.swf$" img SetEnvIf Request_URI ".*\.js$" img SetEnvIf Request_URI ".*\.css$" img CustomLog "logs/111.com-access_log" combined env=!img
上述配置內容意義為,將gif等類型的文件同意標記為img,然後在記錄訪問日誌的時候不去記錄img標記的訪問記錄
②重啟服務
[root@test_01 ~]# /usr/local/apache2.4/bin/apachectl graceful
③多次訪問jpg,png等類型文件及非img文件後得到如下日誌。設置生效。
[root@test_01 ~]# !tail tail /usr/local/apache2.4/logs/111.com-access_log 127.0.0.1 - - [21/Dec/2017:23:28:57 +0800] "HEAD HTTP://111.com/asdasdasdasda.jpg HTTP/1.1" 404 - "-" "curl/7.29.0" 127.0.0.1 - - [21/Dec/2017:23:37:38 +0800] "HEAD HTTP://111.com/asdasdasdasda.jpg HTTP/1.1" 404 - "-" "curl/7.29.0" 127.0.0.1 - - [21/Dec/2017:23:38:13 +0800] "HEAD HTTP://111.com/asdasdasdasda.jpg HTTP/1.1" 404 - "-" "curl/7.29.0" 127.0.0.1 - - [21/Dec/2017:23:38:45 +0800] "HEAD HTTP://111.com/asdasdasdasda.jpg HTTP/1.1" 404 - "-" "curl/7.29.0" 127.0.0.1 - - [21/Dec/2017:23:39:26 +0800] "HEAD HTTP://111.com/asdasdasdasda.jpg HTTP/1.1" 404 - "-" "curl/7.29.0" 127.0.0.1 - - [21/Dec/2017:23:41:20 +0800] "GET HTTP://111.com/asdasdasdasda.jpg HTTP/1.1" 404 215 "-" "curl/7.29.0" 127.0.0.1 - - [21/Dec/2017:23:41:42 +0800] "GET HTTP://111.com/asdasdasdasda.jpg HTTP/1.1" 404 215 "-" "curl/7.29.0" 127.0.0.1 - - [21/Dec/2017:23:46:16 +0800] "GET HTTP://111.com/asdasdasdasda.png HTTP/1.1" 404 215 "-" "curl/7.29.0" 127.0.0.1 - - [21/Dec/2017:23:49:52 +0800] "GET HTTP://111.com/asdasdasdasda.jpg1 HTTP/1.1" 404 216 "-" "curl/7.29.0" 127.0.0.1 - - [21/Dec/2017:23:49:58 +0800] "GET HTTP://111.com/asdasdasdasda.jpg2 HTTP/1.1" 404 216 "-" "curl/7.29.0"
3.日誌切割
①配置虛擬主機配置文件如下:
CustomLog "|/usr/local/apache2.4/bin/rotatelogs -l logs/111.com-access_%Y%m%d.log 86400" combined env=!img
說明:
在此處,調用apache自帶的日至切割工具rotatelogs來進行處理。
-l:以當前時間系統時間為基準切割日誌,否則以UTC時間切割日誌。
%Y%m%d:根據時間日期自動創建對應時間的日誌文件。
86400:以天為單位切割日誌。
②重新加載主機配置文件,然後使用curl工具或者瀏覽器訪問111.com的內容來產生訪問日至。
[root@test_01 ~]# curl -x127.0.0.1:80 111.com/123.php 123.php authorization passed [root@test_01 ~]# curl -x127.0.0.1:80 111.com/123.php 123.php authorization passed [root@test_01 ~]# curl -x127.0.0.1:80 111.com/123.php 123.php authorization passed [root@test_01 ~]# curl -x127.0.0.1:80 111.com/123.php 123.php authorization passed
③查看/usr/local/apache2.4/logs/目錄下產生的以日期分割的新日誌文件
[root@test_01 ~]# ls /usr/local/apache2.4/logs/ 111.com-access_20171222.log 123.com-access_log access_log 111.com-access_log abc.com-access_log error_log 111.com-error_log abc.com-error_log httpd.pid [root@test_01 logs]# cat 111.com-access_20171222.log 127.0.0.1 - - [22/Dec/2017:00:35:01 +0800] "GET HTTP://111.com/asdasdasdasda.jpg2 HTTP/1.1" 404 216 "-" "curl/7.29.0" 127.0.0.1 - - [22/Dec/2017:00:35:05 +0800] "GET HTTP://111.com/asdasdasdasda.jpg2 HTTP/1.1" 404 216 "-" "curl/7.29.0" 127.0.0.1 - - [22/Dec/2017:00:35:07 +0800] "GET HTTP://111.com/asdasdasdasda.jpg2 HTTP/1.1" 404 216 "-" "curl/7.29.0" 127.0.0.1 - - [22/Dec/2017:00:35:07 +0800] "GET HTTP://111.com/asdasdasdasda.jpg2 HTTP/1.1" 404 216 "-" "curl/7.29.0" 127.0.0.1 - - [22/Dec/2017:00:35:08 +0800] "GET HTTP://111.com/asdasdasdasda.jpg2 HTTP/1.1" 404 216 "-" "curl/7.29.0" 127.0.0.1 - - [22/Dec/2017:00:35:09 +0800] "GET HTTP://111.com/asdasdasdasda.jpg2 HTTP/1.1" 404 216 "-" "curl/7.29.0" 127.0.0.1 - - [22/Dec/2017:00:35:09 +0800] "GET HTTP://111.com/asdasdasdasda.jpg2 HTTP/1.1" 404 216 "-" "curl/7.29.0" 127.0.0.1 - - [22/Dec/2017:00:35:10 +0800] "GET HTTP://111.com/asdasdasdasda.jpg2 HTTP/1.1" 404 216 "-" "curl/7.29.0" 127.0.0.1 - - [22/Dec/2017:00:35:28 +0800] "GET HTTP://111.com/123.php HTTP/1.1" 200 29 "-" "curl/7.29.0" 127.0.0.1 - - [22/Dec/2017:00:35:30 +0800] "GET HTTP://111.com/123.php HTTP/1.1" 200 29 "-" "curl/7.29.0" 127.0.0.1 - - [22/Dec/2017:00:35:30 +0800] "GET HTTP://111.com/123.php HTTP/1.1" 200 29 "-" "curl/7.29.0" 127.0.0.1 - - [22/Dec/2017:00:35:31 +0800] "GET HTTP://111.com/123.php HTTP/1.1" 200 29 "-" "curl/7.29.0"
apache訪問日誌管理