2. 程式人生 > >apache訪問日誌管理

apache訪問日誌管理

阿新 發佈:2017-12-22
apache訪問日誌管理

1.訪問日誌

在之前的虛擬主機配置文件中,有兩行日誌相關的配置,末尾的combined是日誌的格式類型

 ErrorLog "logs/111.com-error_log"
 CustomLog "logs/111.com-access_log" combined

在apache的主配置文件中定義了如下的日誌格式

    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%h %l %u %t \"%r\" %>s %b" common

/usr/local/apache2.4/logs/111.com-access_log中記錄了主機111.com的訪問記錄,combined模式的日誌如下:

[root@test_01 ~]# cat /usr/local/apache2.4/logs/111.com-access_log
192.168.231.128 - - [21/Dec/2017:00:22:13 +0800] "GET HTTP://111.com/ HTTP/1.1" 200 8
127.0.0.1 - - [21/Dec/2017:20:02:16 +0800] "HEAD HTTP://111.com/ HTTP/1.1" 401 -
127.0.0.1 - - [21/Dec/2017:20:11:22 +0800] "HEAD HTTP://111.com/ HTTP/1.1" 401 -
127.0.0.1 - - [21/Dec/2017:20:16:12 +0800] "HEAD HTTP://111.com/ HTTP/1.1" 401 -
192.168.231.1 - - [21/Dec/2017:20:18:16 +0800] "GET / HTTP/1.1" 401 381
192.168.231.1 -  wennan [21/Dec/2017:20:18:51 +0800] "GET / HTTP/1.1" 401 381
192.168.231.1 - wennan [21/Dec/2017:20:18:59 +0800] "GET / HTTP/1.1" 200 8
192.168.231.1 - wennan [21/Dec/2017:20:18:59 +0800] "GET /favicon.ico HTTP/1.1" 404 209
192.168.231.1 - wennan [21/Dec/2017:20:19:15 +0800] "GET / HTTP/1.1" 200 8
192.168.231.1 - wennan [21/Dec/2017:20:22:00 +0800] "GET / HTTP/1.1" 200 8
192.168.231.1 - wennan [21/Dec/2017:20:38:38 +0800] "GET / HTTP/1.1" 200 8
192.168.231.1 - wennan [21/Dec/2017:20:40:23 +0800] "GET / HTTP/1.1" 200 8
192.168.231.1 - wennan [21/Dec/2017:20:40:32 +0800] "GET / HTTP/1.1" 200 8
192.168.231.1 - wennan [21/Dec/2017:20:40:59 +0800] "GET / HTTP/1.1" 200 8
192.168.231.1 - wennan [21/Dec/2017:20:41:11 +0800] "GET / HTTP/1.1" 200 8
192.168.231.128 - wennan [21/Dec/2017:20:43:25 +0800] "HEAD HTTP://111.com/ HTTP/1.1" 200 -
192.168.231.1 - wennan [21/Dec/2017:20:51:55 +0800] "GET / HTTP/1.1" 200 8
192.168.231.1 - wennan [21/Dec/2017:20:52:04 +0800] "GET /123.php HTTP/1.1" 500 -
127.0.0.1 - - [21/Dec/2017:20:53:11 +0800] "HEAD HTTP://111.com/ HTTP/1.1" 200 -
127.0.0.1 - - [21/Dec/2017:20:53:21 +0800] "HEAD HTTP://111.com/123.php HTTP/1.1" 401 -
192.168.231.128 - wennan [21/Dec/2017:20:53:36 +0800] "HEAD HTTP://111.com/123.php HTTP/1.1" 200 -
192.168.231.128 - wennan [21/Dec/2017:20:54:07 +0800] "GET HTTP://111.com/123.php HTTP/1.1" 200 29
192.168.231.1 - wennan [21/Dec/2017:20:54:14 +0800] "GET /123.php HTTP/1.1" 200 29
192.168.231.128 - - [21/Dec/2017:22:05:24 +0800] "HEAD HTTP://2111.com.cn/ HTTP/1.1" 301 -
192.168.231.128 - - [21/Dec/2017:22:58:50 +0800] "HEAD HTTP://2111.com.cn/ HTTP/1.1" 301 -
192.168.231.128 - - [21/Dec/2017:22:58:54 +0800] "HEAD HTTP://2111.com.cn/ HTTP/1.1" 301 -
192.168.231.128 - - [21/Dec/2017:22:58:55 +0800] "HEAD HTTP://2111.com.cn/ HTTP/1.1" 301 -
192.168.231.128 - - [21/Dec/2017:23:00:48 +0800] "HEAD HTTP://2111.com.cn/ HTTP/1.1" 301 - "-" "curl/7.29.0"
192.168.231.128 - - [21/Dec/2017:23:00:49 +0800] "HEAD HTTP://2111.com.cn/ HTTP/1.1" 301 - "-" "curl/7.29.0"

2.不記錄指定類型的文件

①在虛擬主機配置文件中加入如下內容:

 SetEnvIf Request_URI ".*\.gif$" img
 SetEnvIf Request_URI ".*\.jpg$" img
 SetEnvIf Request_URI ".*\.png$" img
 SetEnvIf Request_URI ".*\.bmp$" img
 SetEnvIf Request_URI ".*\.swf$" img
 SetEnvIf Request_URI ".*\.js$" img
 SetEnvIf Request_URI ".*\.css$" img 
 CustomLog "logs/111.com-access_log" combined env=!img

上述配置內容意義為,將gif等類型的文件同意標記為img,然後在記錄訪問日誌的時候不去記錄img標記的訪問記錄

②重啟服務

[root@test_01 ~]# /usr/local/apache2.4/bin/apachectl graceful

③多次訪問jpg,png等類型文件及非img文件後得到如下日誌。設置生效。

[root@test_01 ~]# !tail
tail /usr/local/apache2.4/logs/111.com-access_log
127.0.0.1 - - [21/Dec/2017:23:28:57 +0800] "HEAD HTTP://111.com/asdasdasdasda.jpg HTTP/1.1" 404 - "-" "curl/7.29.0"
127.0.0.1 - - [21/Dec/2017:23:37:38 +0800] "HEAD HTTP://111.com/asdasdasdasda.jpg HTTP/1.1" 404 - "-" "curl/7.29.0"
127.0.0.1 - - [21/Dec/2017:23:38:13 +0800] "HEAD HTTP://111.com/asdasdasdasda.jpg HTTP/1.1" 404 - "-" "curl/7.29.0"
127.0.0.1 - - [21/Dec/2017:23:38:45 +0800] "HEAD HTTP://111.com/asdasdasdasda.jpg HTTP/1.1" 404 - "-" "curl/7.29.0"
127.0.0.1 - - [21/Dec/2017:23:39:26 +0800] "HEAD HTTP://111.com/asdasdasdasda.jpg HTTP/1.1" 404 - "-" "curl/7.29.0"
127.0.0.1 - - [21/Dec/2017:23:41:20 +0800] "GET HTTP://111.com/asdasdasdasda.jpg HTTP/1.1" 404 215 "-" "curl/7.29.0"
127.0.0.1 - - [21/Dec/2017:23:41:42 +0800] "GET HTTP://111.com/asdasdasdasda.jpg HTTP/1.1" 404 215 "-" "curl/7.29.0"
127.0.0.1 - - [21/Dec/2017:23:46:16 +0800] "GET HTTP://111.com/asdasdasdasda.png HTTP/1.1" 404 215 "-" "curl/7.29.0"
127.0.0.1 - - [21/Dec/2017:23:49:52 +0800] "GET HTTP://111.com/asdasdasdasda.jpg1 HTTP/1.1" 404 216 "-" "curl/7.29.0"
127.0.0.1 - - [21/Dec/2017:23:49:58 +0800] "GET HTTP://111.com/asdasdasdasda.jpg2 HTTP/1.1" 404 216 "-" "curl/7.29.0"

3.日誌切割

①配置虛擬主機配置文件如下:

 CustomLog "|/usr/local/apache2.4/bin/rotatelogs -l logs/111.com-access_%Y%m%d.log 86400" combined env=!img

說明:

在此處,調用apache自帶的日至切割工具rotatelogs來進行處理。

-l:以當前時間系統時間為基準切割日誌,否則以UTC時間切割日誌。

%Y%m%d:根據時間日期自動創建對應時間的日誌文件。

86400:以天為單位切割日誌。

②重新加載主機配置文件,然後使用curl工具或者瀏覽器訪問111.com的內容來產生訪問日至。

[root@test_01 ~]# curl -x127.0.0.1:80 111.com/123.php
123.php authorization passed
[root@test_01 ~]# curl -x127.0.0.1:80 111.com/123.php
123.php authorization passed
[root@test_01 ~]# curl -x127.0.0.1:80 111.com/123.php
123.php authorization passed
[root@test_01 ~]# curl -x127.0.0.1:80 111.com/123.php
123.php authorization passed

③查看/usr/local/apache2.4/logs/目錄下產生的以日期分割的新日誌文件

[root@test_01 ~]# ls /usr/local/apache2.4/logs/
111.com-access_20171222.log  123.com-access_log  access_log
111.com-access_log           abc.com-access_log  error_log
111.com-error_log            abc.com-error_log   httpd.pid
[root@test_01 logs]# cat 111.com-access_20171222.log
127.0.0.1 - - [22/Dec/2017:00:35:01 +0800] "GET HTTP://111.com/asdasdasdasda.jpg2 HTTP/1.1" 404 216 "-" "curl/7.29.0"
127.0.0.1 - - [22/Dec/2017:00:35:05 +0800] "GET HTTP://111.com/asdasdasdasda.jpg2 HTTP/1.1" 404 216 "-" "curl/7.29.0"
127.0.0.1 - - [22/Dec/2017:00:35:07 +0800] "GET HTTP://111.com/asdasdasdasda.jpg2 HTTP/1.1" 404 216 "-" "curl/7.29.0"
127.0.0.1 - - [22/Dec/2017:00:35:07 +0800] "GET HTTP://111.com/asdasdasdasda.jpg2 HTTP/1.1" 404 216 "-" "curl/7.29.0"
127.0.0.1 - - [22/Dec/2017:00:35:08 +0800] "GET HTTP://111.com/asdasdasdasda.jpg2 HTTP/1.1" 404 216 "-" "curl/7.29.0"
127.0.0.1 - - [22/Dec/2017:00:35:09 +0800] "GET HTTP://111.com/asdasdasdasda.jpg2 HTTP/1.1" 404 216 "-" "curl/7.29.0"
127.0.0.1 - - [22/Dec/2017:00:35:09 +0800] "GET HTTP://111.com/asdasdasdasda.jpg2 HTTP/1.1" 404 216 "-" "curl/7.29.0"
127.0.0.1 - - [22/Dec/2017:00:35:10 +0800] "GET HTTP://111.com/asdasdasdasda.jpg2 HTTP/1.1" 404 216 "-" "curl/7.29.0"
127.0.0.1 - - [22/Dec/2017:00:35:28 +0800] "GET HTTP://111.com/123.php HTTP/1.1" 200 29 "-" "curl/7.29.0"
127.0.0.1 - - [22/Dec/2017:00:35:30 +0800] "GET HTTP://111.com/123.php HTTP/1.1" 200 29 "-" "curl/7.29.0"
127.0.0.1 - - [22/Dec/2017:00:35:30 +0800] "GET HTTP://111.com/123.php HTTP/1.1" 200 29 "-" "curl/7.29.0"
127.0.0.1 - - [22/Dec/2017:00:35:31 +0800] "GET HTTP://111.com/123.php HTTP/1.1" 200 29 "-" "curl/7.29.0"


apache訪問日誌管理

相關推薦

apache訪問日誌管理

apache訪問日誌管理1.訪問日誌在之前的虛擬主機配置文件中,有兩行日誌相關的配置,末尾的combined是日誌的格式類型 ErrorLog "logs/111.com-error_log" CustomLog "logs/111.com-access_log" c

apache訪問日誌 logstash 配置文件實例1

windows 配置文件 cookie chrome 日誌格式: LogFormat "%{clientip}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" \"%{clientip}i.%{cookie}n\""

LAMP-Apache訪問日誌

日誌文件 訪問日誌,記錄了網站訪問者的信息。在一些特殊情況,我們可以通過訪問日誌提取出我們需要的信息。如:網站受攻擊時發起源、統計訪問用戶大數據分布等。一、網站訪問日誌1、訪問日誌配置[[email protected]/* */ ~]# vi /usr/local/apache2.4/co

11.18 Apache用戶認證 - 11.19/11.20 域名跳轉 - 11.21 Apache訪問日誌

11.18 apache用戶認證 - 11.19/11.20 域名跳轉 - 11.21 apache訪問日誌- 11.18 Apache用戶認證 - 11.19/11.20 域名跳轉 - 11.21 Apache訪問日誌 - 擴展 - apache虛擬主機開啟php的短標簽 http://ask.apele

Apache用戶認證、域名跳轉、Apache訪問日誌

lamp架構Apache用戶認證1、編輯文件[root@centos7 ~]# vi /usr/local/apache2.4/conf/extra/httpd-vhosts.conf#打開網頁時,讓你輸入Apache認證的用戶名,密碼<VirtualHost *:80> DocumentR

LAMP架構(apache用戶認證,域名重定向,apache訪問日誌

apache用戶認證 域名重定向 apache訪問日誌 一、apache用戶認證用戶認證就是打開一個網站。會讓你輸入用戶名和密碼。對了才會讓你訪問HTTP,vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf編輯內容如下<Director

LAMP架構(apache訪問日誌不記錄靜態文件,靜態元素過期時間,apache日誌切割)

訪問日誌不記錄靜態文件 靜態文件過期 apache日誌切割 一、apache訪問日誌不訪問靜態文件瀏覽器打開後按f12會會出現一個界面,點network,會出現很多請求,訪問日誌裏會記載,有些靜態的圖片或者文件也會記載,太浪費磁盤空間和磁盤io。所以我們要讓日誌不記錄靜態文件[root@abc ~

Apache用戶認證、域名跳轉、Apache訪問日誌介紹

LinuxApache用戶認證(針對目錄)這個功能就是在用戶訪問網站的時候,需要輸入用戶密碼才能順利訪問。一些比較重要的站點或者網站後臺通常會加上用戶認證,目的是保證安全。1.虛擬主機的配置文件:[root@gary-tao local]# vim /usr/local/apache2.4/conf/extr

11.18 Apache用戶認證11.19 11.20 域名跳轉11.21 Apache訪問日誌

十周三次課(3月2日)11.18 Apache用戶認證更改虛擬主機內容vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf增加用戶名與密碼? /usr/local/apache2.4/bin/htpasswd -c -m /data/.htpasswd a

Apache優化——日誌管理

Apache優化——日誌管理11.22 訪問日誌不記錄靜態文件 編輯虛擬主機配置文件“httpd-vhosts.conf”: [root@centos-01linux ~]# vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf……<Virtua

11.18 Apache用戶認證 11.19/11.20 域名跳轉 11.21 Apache訪問日誌

11.18 Apache用戶認證 11.11.18 Apache用戶認證 11.19/11.20 域名跳轉 httpd.conf,刪除rewrite_module (shared) 前面的#curl -x127.0.0.1:80 -I 123.com //狀態碼為301 11.21 Apache訪問日誌

四十一、Apache用戶認證、域名跳轉、Apache訪問日誌

Apache用戶認證 域名跳轉 Apache訪問日誌 一、Apache用戶認證 功能是用戶在訪問網站時,需要輸入用戶名和密碼才能進入網站。一些重要站點或網站後臺通常加用戶認證,目的是保證安全。# vim /usr/local/apache2.4/conf/extra/httpd-vhosts

11.18-11.21 Apache的用戶認證,域名跳轉,Apache訪問日誌

apahce用戶認證 域名跳轉 Apache訪問日誌 httpd 11.18Apache的用戶認證把相應參數copy進去第二個虛擬主機(為了不影響默認主機使用,所以選擇了第二個虛擬主機)<Directory /data/wwwroot/www.123.com> //指定認證的目錄

Apache訪問日誌訪問日誌不記錄靜態文件、訪問日誌切割

Apache訪問日誌 訪問日誌不記錄靜態文件 訪問日誌切割 1、Apache 訪問日誌 輸入命令 cat /usr/local/apache2.4/conf/extra/httpd-vhosts.conf,回車,見下圖,這個虛擬機的訪問日誌就在 /logs/111.com-access_log

Linux CentOS7 VMware LAMP架構Apache用戶認證、域名跳轉、Apache訪問日誌

con 虛擬主機 VM 所在 mat style usr extra rec 一、Apache用戶認證 vim /usr/local/apache2.4/conf/extra/httpd-vhosts.conf //把111.com那個虛擬主機編輯成如下內容 <

ELK分析Apache訪問日誌並生成影象

一、背景 我們的ELK架構如下圖所示,各個應用節點日誌直接通過rsyslog實時傳輸到Logstash節點,Logstash對生成的各節點日誌檔案做處理後傳輸到Elashticsearch。 二、 logstash配置檔案 input部分 input { file { type => "apa

ELK分析Apache訪問日誌並生成圖像

其他 star cor 格式 分享 -c core index charset 一、背景 我們的ELK架構如下圖所示,各個應用節點日誌直接通過rsyslog實時傳輸到Logstash節點,Logstash對生成的各節點日誌文件做處理後傳輸到Elashticsearch。 二

Linux-LNMP-Apache訪問日誌

訪問日誌記錄使用者的每一個請求 vim /usr/local/apache2.4/conf/httpd.conf //搜尋LogFormat 定義日誌格式,預設使用第二個。 LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-A

LAMP架構十一( Apache訪問日誌切割)

十一、訪問日誌切割 日誌一直記錄總有一天會把整個磁碟沾滿,所以有必要讓它自動切割,並刪除老的日誌檔案。保證磁碟永遠寫不滿,且更方便的管理日誌。 rotatelogs是apache自帶的日誌切割工具,配置訪問日誌交由rotatelogs處理: [[email prote

LAMP架構十( Apache訪問日誌不記錄靜態檔案)

十、訪問日誌不記錄靜態檔案         網站的頁面會有很多元素,尤其是圖片,js,css,等靜態元素非常多,每一次訪問都會訪問大量的靜態元素,這些元素請求都會被記錄在日誌中,因此日誌的增長速度非常快,然而記錄靜態元素的意義並不大,因此我們需要限制靜