Menu
I want to parse NGINX error logs. However, there seems to be no documentation at all, concerning the used log format. While the meaning of some fields like the data is pretty obvious, some are not at all. In addition, I cannot be sure that my parser is complete if I do not have a documentation of all the possible fields. Since it seems you can change the access log format, but not that of the error log, I really have no idea how to get the information I need.
Does anyone know of such a documentation?
327
The default log format in nginx is called "combined".
The syntax for configuring a log format is: log_format format_name 'set_of_variables_to_define_format'; and the syntax for configuring access log is: access_log /path/to/log_file format_name; #simplest form OR access_log /path/to/log_file [format [buffer=size] [gzip[=level]] [flush=time] [if=condition]];
NGINX writes information about encountered issues of different severity levels to the error log. The error_log directive sets up logging to a particular file, stderr , or syslog and specifies the minimal severity level of messages to log. By default, the error log is located at logs/error.
Configure NGINX access log By default, the access log is located at /var/log/nginx/access. log , and the information is written to the log in the predefined combined format. You can override the default settings and change the format of logged messages by editing the NGINX configuration file ( /etc/nginx/nginx.
From reading src/core/ngx_log.c I guess the general error log format seems to be
YYYY/MM/DD HH:MM:SS [LEVEL] PID#TID: *CID MESSAGE
With PID and TID being the logging process and thread id and CID a number identifying a (probably proxied) connection, probably a counter. The *CID part is optional.
116
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
